Advances in Cryptology – CRYPTO 2013: 33rd Annual Cryptology by Yehuda Lindell (auth.), Ran Canetti, Juan A. Garay (eds.)

By Yehuda Lindell (auth.), Ran Canetti, Juan A. Garay (eds.)

The volume-set, LNCS 8042 and LNCS 8043, constitutes the refereed court cases of the thirty third Annual foreign Cryptology convention, CRYPTO 2013, held in Santa Barbara, CA, united states, in August 2013. The sixty one revised complete papers offered in LNCS 8042 and LNCS 8043 have been rigorously reviewed and chosen from a variety of submissions. abstracts of the invited talks also are incorporated within the lawsuits. The papers are geared up in topical sections on lattices and FHE; foundations of hardness; cryptanalysis; MPC - new instructions; leakage resilience; symmetric encryption and PRFs; key alternate; multi linear maps; excellent ciphers; implementation-oriented protocols; number-theoretic hardness; MPC - foundations; codes and mystery sharing; signatures and authentication; quantum safeguard; new primitives; and useful encryption.

SCN 2012. LNCS, vol. 7485, pp. 241–263. Springer, Heidelberg (2012) 5. : Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R. ) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012) 6. : A practical scheme for non-interactive verifiable secret sharing. In: 28th Annual Symposium on Foundations of Computer Science (FOCS), pp. 427–437. IEEE (1987) 7. : Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press, Cambridge (2004) 8.

18] evaluates circuits at the rate of about 8 ms/gate when a single thread is used. 8 ms/gate; by comparison, the two-threaded execution in [18] achieved a rate of roughly 4 ms/gate. , due to cache contention and dependence on shared hardware and I/O). Our measured performance gains relative to [18] exceed the expected factor of 3. This may be due to differences in hardware or implementation, or the complexity of managing multiple threads in the implementation of [18] regardless of how many cores are being used.

Rewind again and continue the interaction using J . 6. Let j ∗ be a circuit which is an evaluation circuit in J , but a check circuit in J . For i = 1, . . , n, use the κ/2 shares of szi i from P1 ’s check circuits (with respect to J ) plus the additional share of szi i from circuit j ∗ (that was a check circuit with respect to J ) to reconstruct szi i . Set tzi i = szi i . 7. For i = 1, . . , n, do the following. – If zi = 0, obtain P1 ’s input s0i t0i to the first equality test. If s0i t0i = t0i s0i , return 1; else return 0.

