Card-based Cryptographic Protocols Using a Minimal Number of Cards
|
|
- Liliana Banks
- 5 years ago
- Views:
Transcription
1 Card-based Cryptographic Protocols Using a Minimal Number of Cards ASIACRYPT 2015 Alexander Koch, Stefan Walzer, Kevin Härtel DEPARTMENT OF INFORMATICS, INSTITUTE OF THEORETICAL INFORMATICS Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards KIT The Research University in the Helmholtz Association
2 Motivating Scenario I Calculating Mutual Interest with Playing Cards Secrets: Do I fancy him/her? To compute: Is there mutual interest? Secure 2-party AND without computers Trusted Computation Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
3 Motivating Scenario I Calculating Mutual Interest with Playing Cards Secrets: Do I fancy him/her? To compute: Is there mutual interest? Secure 2-party AND without computers Trusted Computation Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
4 Motivating Scenario I Calculating Mutual Interest with Playing Cards Secrets: Do I fancy him/her? To compute: Is there mutual interest? Secure 2-party AND without computers Trusted Computation Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
5 Motivating Scenario I Calculating Mutual Interest with Playing Cards Secrets: Do I fancy him/her? To compute: Is there mutual interest? Secure 2-party AND without computers Trusted Computation Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
6 Motivating Scenario II Explaining MPC to Non-Experts/Students You meet s.o. at a bar and want to explain MPC as an example from your work life Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
7 Motivating Scenario II Explaining MPC to Non-Experts/Students You meet s.o. at a bar and want to explain MPC as an example from your work life. Or to students in class Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
8 Motivating Scenario III You are a theoretician What is possible with unconventional computational models? MPC from indistinguishability of cards & correct shuffling cf. to physical assumptions like tamper-proofness of hardware } {{ } read vis. card seq. do action on cards finite state control Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
9 Setting and Goal Two types of indistinguishable cards: Heart and club with backside. Encode bits as ˆ= 0 ˆ= 1 Our goal ( committed format ) Take face-down input (bits a, b) Compute face-down output (a b) Learn nothing about the input or output during protocol run Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
10 Setting and Goal Two types of indistinguishable cards: Heart and club with backside. Encode bits as ˆ= 0 ˆ= 1 Curiosity: is perfectly hiding & binding Our goal ( committed format ) Take face-down input (bits a, b) Compute face-down output (a b) Learn nothing about the input or output during protocol run Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
11 Setting and Goal Two types of indistinguishable cards: Heart and club with backside. Encode bits as ˆ= 0 ˆ= 1 Curiosity: is perfectly hiding & binding Our goal ( committed format ) Take face-down input (bits a, b) Compute face-down output (a b) Learn nothing about the input or output during protocol run Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
12 A Simple Six-Card AND Protocol Mizuki and Sone [MS09] Observation: (a b) (if a then b else 0) The Protocol: }{{} a }{{}}{{} b 0 Turn first two cards result is cards 3, 4 }{{} ˆ= 1 result is cards 5, 6 }{{} ˆ= Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
13 A Simple Six-Card AND Protocol Mizuki and Sone [MS09] Observation: (a b) (if a then b else 0) (if a then 0 else b) The Protocol: }{{} a }{{}}{{} b 0 Turn first two cards result is cards 3, 4 }{{} ˆ= 1 result is cards 5, 6 }{{} ˆ= Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
14 A Simple Six-Card AND Protocol Mizuki and Sone [MS09] Observation: (a b) (if a then b else 0) (if a then 0 else b) The Protocol: }{{} a }{{}}{{} b 0 p = ½ }{{} a }{{}}{{} 0 b With probability 1 /2: Apply permutation (1 2)(3 5)(4 6). Turn first two cards result is cards 3, 4 }{{} ˆ= 1 result is cards 5, 6 }{{} ˆ= Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
15 A Simple Six-Card AND Protocol Mizuki and Sone [MS09] Observation: (a b) (if a then b else 0) (if a then 0 else b) The Protocol: }{{} a }{{}}{{} b 0 p = ½ }{{} a }{{}}{{} 0 b With probability 1 /2: Apply permutation (1 2)(3 5)(4 6). For privacy: each player once, without the other looking. Turn first two cards }{{} ˆ= 1 result is cards 3, 4 result is cards 5, 6 }{{} ˆ= Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
16 Demonstration of the Six-Card-Protocol Mizuki and Sone [MS09] Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
17 Demonstration of the Six-Card-Protocol Mizuki and Sone [MS09] Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
18 Demonstration of the Six-Card-Protocol Mizuki and Sone [MS09] id with p = 1 /2 π with p = 1 /2 (shuffle, {id, π = (1 2)(3 5)(4 6)}) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
19 Demonstration of the Six-Card-Protocol Mizuki and Sone [MS09] id with p = 1 /2 π with p = 1 /2 (shuffle, {id, π = (1 2)(3 5)(4 6)}) (turn, {1, 2}) (turn, {1, 2}) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
20 Can we do better than six cards? Open problem from [MS09; MS14; MKS12] Main Question: Can a b be computed with 4 cards? in committed format (in the model of Mizuki and Shizuya [MS14]) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
21 Can we do better than six cards? Open problem from [MS09; MS14; MKS12] Main Question: Can a b be computed with 4 cards? in committed format (in the model of Mizuki and Shizuya [MS14]) without committed output: [MKS12]: 4-card protocol without committed input and output: [MWS15]: 2- and 3-card protocols Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
22 Can we do better than six cards? Open problem from [MS09; MS14; MKS12] Main Question: Can a b be computed with 4 cards? in committed format (in the model of Mizuki and Shizuya [MS14]) Our Results 1 Yes, 4 cards suffice... 2 But 4-card protocols are necessarily Las Vegas (LV) no a priori bound on runtime method: analyze states of protocols 3 Yes, 5 cards suffice for finite-runtime protocols 4 LV protocol for k-ary functions using 2k cards 5 Note: Complex Shuffles needed Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
23 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
24 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
25 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
26 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
27 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
28 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
29 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X 01 (turn, {1, 2}) X 11 X 10 + X 00 X 01 (result, 3, 4) X 11 X 10 + X 00 X 01 (result, 5, 6) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
30 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X 01 (turn, {1, 2}) X 11 X 10 + X 00 X 01 (result, 3, 4) X 11 X 10 + X 00 X 01 (result, 5, 6) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
31 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X 01 (turn, {1, 2}) X 11 X 10 + X 00 X 01 (result, 3, 4) X 11 X 10 + X 00 X 01 (result, 5, 6) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
32 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X 01 (turn, {1, 2}) X 11 X 10 + X 00 X 01 (result, 3, 4) X 11 X 10 + X 00 X 01 (result, 5, 6) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
33 State Transitions: The Six-Card Protocol Protocol State: Annotate currently possible sequences with probability in terms of symbolic input prob. X ij = Pr[a = i, b = j] X 11 X 10 X 01 X 00 (shuffle, {id, (1 2)(3 5)(4 6)}) 1 /2X 11 1 /2X /2X 00 1 /2X 01 1 /2X /2X 10 1 /2X 11 1 /2X 01 (turn, {1, 2}) X 11 X 10 + X 00 X 01 (result, 3, 4) X 11 X 10 + X 00 X 01 (result, 5, 6) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
34 Impossibility Result Theorem There is no secure finite-runtime four-card AND protocol Proof Idea Each sequence belongs either to output 0 or to 1. An i j-state has i 0-sequences and j 1-sequences. Define non-reachable good states: not possible by turn/shuffle start state final states bad states Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards good states
35 Impossibility Result Theorem There is no secure finite-runtime four-card AND protocol Proof Idea Each start sequence type: 3 1 belongs either to output 0 or to 1. An i j-state has X 11 i 0-sequences and j 1-sequences. Define non-reachable X 10 good states: X 01 X 00 not possible by turn/shuffle start state final states bad states Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards good states
36 Impossibility Result Theorem There is no secure finite-runtime four-card AND protocol Proof Idea Each start sequence type: 3 1 belongs either to output 0 ore.g. to state: An i j-state has X i 0-sequences and j 1-sequences. X X 00 Define non-reachable X 10 good states: X 10 X 1 /2X X 1 /2X not possible by turn/shuffle start state final states bad states Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards good states
37 Proof Idea Single Card Turns Bad States Good States with const pos without const pos Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
38 Proof Idea Single Card Turns Bad States Good States with const pos without const pos 1 1 Observation 1. After turn: with const pos. and 3 sequences Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
39 Proof Idea Single Card Turns Bad States Good States with const pos without const pos 1 1 Observation 2. Turnable states are i j with i, j Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
40 Proof Idea Single Card Turns Bad States Good States with const pos without const pos 1 1 Observation 3. W.l.o.g. we need to consider half of the states Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
41 Proof Idea Single Card Turns Bad States Good States with const pos without const pos Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
42 Proof Idea Single Card Turns Bad States Good States with const pos without const pos Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
43 Proof Idea Shuffles Bad States Good States with const pos without const pos 1 1 Observation 1. Shuffles increase #sequences per type Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
44 Proof Idea Shuffles Bad States Good States with const pos without const pos 1 1 Observation 1. Shuffles increase #sequences per type Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
45 Proof Idea Shuffles Bad States Good States ? ? with const pos without const pos Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
46 Proof Idea Shuffles Bad States s 0 : s 0 : s 1 : Good States Apply (shuffle, Π, F) to this state. with const pos 1 1 Case 1: All π Π put constant column to same position. = the resulting state still has a constant column. without const pos Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
47 Proof Idea Shuffles Bad States p = ½ s 0 : s 0 : s 1 : 4 1 s 0 : s 1 : Good States with const pos without const pos Apply (shuffle, Π, F) to this state. 1 1 Case 2: There are π 1, π 2 Π putting the const. col. in different pos. = the resulting state has at least 5 sequences Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
48 Our Four-Card Protocol X 11 X 10 X 01 X 00 start state 1 /2X 11 1 /2X 11 1 /2X /2X 01 1 /2X /2X 01 (shuffle, {id, (1 3)(2 4), (2 3), ( )}) 1 /2X 00 1 /2X 00 (turn, {2}) X 11 X 10 + X 01 X 00 (shuffle, {id, (1 3)}) X 11 X 10 + X 01 X 00 (shuffle, {id, (3 4)}) X 1 /2X 0 (perm, ( )) 1 /2X 0 (shuffle, {id, (1 2)(3 4)}, F) F : id 1 /3, (1 2)(3 4) 2 /3 1 /3X 1 2 /3X 1 1 /6X 0 1 /3X 0 1 /2X 0 (turn, {4}) (perm, ( )) X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (1 3)(2 4)}, F) F : id 1 /3, (1 3)(2 4) 2 /3 1 /3X 1 2 /3X 1 1 /6X 0 1 /3X 0 1 /2X 0 (turn, {1}) X 1 X 0 (result, 1, 2) (shuffle, {id, (1 3)}) X 1 1 /4X 0 3 /4X 0 X 1 1 /2X 0 1 /2X 0 X 1 1 /4X 0 3 /4X 0 X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (3 4)}) X 1 X 0 (result, 2, 4) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
49 Our Four-Card Protocol X 11 X 10 X 01 X 00 start state 1 /2X 11 1 /2X 11 1 /2X /2X 01 1 /2X /2X 01 (shuffle, {id, (1 3)(2 4), (2 3), ( )}) 1 /2X 00 1 /2X 00 (turn, {2}) X 11 X 10 + X 01 X 00 (shuffle, {id, (1 3)}) X 11 X 10 + X 01 X 00 (shuffle, {id, (3 4)}) X 1 /2X 0 (perm, ( )) 1 /2X 0 (shuffle, {id, (1 2)(3 4)}, F) F : id 1 /3, (1 2)(3 4) 2 /3 1 /3X 1 2 /3X 1 1 /6X 0 1 /3X 0 1 /2X 0 (turn, {4}) (perm, ( )) X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (1 3)(2 4)}, F) F : id 1 /3, (1 3)(2 4) 2 /3 1 /3X 1 2 /3X 1 1 /6X 0 1 /3X 0 1 /2X 0 (turn, {1}) X 1 X 0 (result, 1, 2) (shuffle, {id, (1 3)}) X 1 1 /4X 0 3 /4X 0 X 1 1 /2X 0 1 /2X 0 X 1 1 /4X 0 3 /4X 0 X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (3 4)}) X 1 X 0 (result, 2, 4) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
50 Our Five-Card Protocol X 11 X 10 X 01 X 00 start state 1 /2X 11 1 /2X 11 1 /2X /2X 01 1 /2X /2X 01 (shuffle, {id, (1 3)(2 4), (2 3), ( )}) 1 /2X 00 1 /2X 00 (turn, {2}) X 11 X 10 + X 01 X 00 (shuffle, {id, (1 3)}) X 11 X 10 + X 01 X 00 (shuffle, {id, (3 4)}) X 1 1 /2X 0 1 /2X 0 (perm, ( )), (shuffle, {id, ( )}, F) F : id 2 /3, ( ) 1 /3 2 /3X 1 1 /3X 1 1 /2X 0 1 /6X 0 1 /3X 0 (turn, {5}) (perm, ( )) X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (1 3)(2 4)}, F) F : id 1 /3, (1 3)(2 4) 2 /3 1 /3X 1 2 /3X 1 1 /6X 0 1 /3X 0 1 /2X 0 (turn, {1}) X 1 X 0 (result, 4, 3) X 1 3 /4X 0 1 /4X 0 (result, 3, 1) X 1 1 /4X 0 3 /4X 0 X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (3 4)}) X 1 X 0 (result, 2, 4) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
51 Our Five-Card Protocol X 11 X 10 X 01 X 00 start state 1 /2X 11 1 /2X 11 1 /2X /2X 01 1 /2X /2X 01 (shuffle, {id, (1 3)(2 4), (2 3), ( )}) 1 /2X 00 1 /2X 00 (turn, {2}) X 11 X 10 + X 01 X 00 (shuffle, {id, (1 3)}) X 11 X 10 + X 01 X 00 (shuffle, {id, (3 4)}) X 1 1 /2X 0 1 /2X 0 (perm, ( )), (shuffle, {id, ( )}, F) F : id 2 /3, ( ) 1 /3 2 /3X 1 1 /3X 1 1 /2X 0 1 /6X 0 1 /3X 0 (turn, {5}) (perm, ( )) X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (1 3)(2 4)}, F) F : id 1 /3, (1 3)(2 4) 2 /3 1 /3X 1 2 /3X 1 1 /6X 0 1 /3X 0 1 /2X 0 (turn, {1}) X 1 X 0 (result, 4, 3) X 1 3 /4X 0 1 /4X 0 (result, 3, 1) X 1 1 /4X 0 3 /4X 0 X 1 1 /2X 0 1 /2X 0 (shuffle, {id, (3 4)}) X 1 X 0 (result, 2, 4) Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
52 Summary Runtime Shuffles #Cards Reference exp. finite non-uniform closed 4 [KWH15] exp. finite uniform non-closed 4 [KWH15] finite non-uniform non-closed 5 [KWH15] finite uniform closed 6 [MS09] Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
53 Summary Runtime Shuffles #Cards Reference exp. finite non-uniform closed 4 [KWH15] exp. finite uniform non-closed 4 [KWH15] finite non-uniform non-closed 5 [KWH15] finite uniform closed 6 [MS09] Open Question: What if we restrict the computational model? Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
54 Summary Runtime Shuffles #Cards Reference exp. finite non-uniform closed 4 [KWH15] exp. finite uniform non-closed 4 [KWH15] finite non-uniform non-closed 5 [KWH15] finite uniform closed 6 [MS09] Open Question: What if we restrict the computational model? Thank you for your attention! Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
55 References: I A. Koch, S. Walzer, and K. Härtel. Card-based Cryptographic Protocols Using a Minimal Number of Cards. In: ASIACRYPT Ed. by T. Iwata and J. Cheon. Vol LNCS. Springer, 2015, pp T. Mizuki, M. Kumamoto, and H. Sone. The Five-Card Trick Can Be Done with Four Cards. In: ASIACRYPT Ed. by X. Wang and K. Sako. Vol LNCS. Springer, 2012, pp T. Mizuki and H. Sone. Six-Card Secure AND and Four-Card Secure XOR. In: FAW Ed. by X. Deng, J. E. Hopcroft, and J. Xue. Vol LNCS. Springer, 2009, pp Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
56 References: II T. Mizuki and H. Shizuya. A formalization of card-based cryptographic protocols via abstract machine. In: Int. J. Inf. Secur (2014), pp A. Marcedone, Z. Wen, and E. Shi. Secure Dating with Four or Fewer Cards. Cryptology eprint Archive, Report 2015/ Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
57 References: III Various Artists. Title image from http: //pdpics.com/photo/6619-ten-cards-of-all-suits/, public domain. Image of Bar from public domain. Image of lecture hall from brett jordan, CC-BY-2.0. XKCD comic figures by Randall Munroe from CC-BY-NC Alexander Koch et al. Card-based Cryptographic Protocols Using a Minimal Number of Cards
Card-based Cryptographic Protocols Using a Minimal Number of Cards
Card-based Cryptographic Protocols Using a Minimal Number of Cards Alexander Koch, Stefan Walzer, and Kevin Härtel Karlsruhe Institute of Technology (KIT) Karlsruhe, Germany alexander.koch@kit.edu, {stefan.walzer,
More informationAnalyzing Execution Time of Card-Based Protocols
Analyzing Execution Time of Card-Based Protocols Daiki Miyahara 1, Itaru Ueda 1, Yu-ichi Hayashi, Takaaki Mizuki, and Hideaki Sone 1 Graduate School of Information Sciences, Tohoku University 6 09 Aramaki-Aza-Aoba,
More informationCard-Based Protocols for Securely Computing the Conjunction of Multiple Variables
Card-Based Protocols for Securely Computing the Conjunction of Multiple Variables Takaaki Mizuki Tohoku University tm-paper+cardconjweb[atmark]g-mailtohoku-universityjp Abstract Consider a deck of real
More informationHow to Implement a Random Bisection Cut
How to Implement a Random Bisection Cut Itaru Ueda, Akihiro Nishimura, Yu-ichi Hayashi, Takaaki Mizuki,and Hideaki Sone Graduate School of Information Sciences, Tohoku University 09 Aramaki-Aza-Aoba, Aoba,
More informationFive-Card Secure Computations Using Unequal Division Shuffle
Five-Card Secure Computations Using Unequal Division Shuffle Akihiro Nishimura, Takuya Nishida, Yu-ichi Hayashi, Takaaki Mizuki, and Hideaki Sone Sone-Mizuki Lab., Graduate School of Information Sciences,
More informationEfficient Card-based Protocols for Generating a Hidden Random Permutation without Fixed Points
Efficient Card-based Protocols for Generating a Hidden Random Permutation without Fixed Points Rie Ishikawa 1, Eikoh Chida 1, and Takaaki Mizuki 2 1 Electrical and Computer Engineering, National Institute
More informationSecure Grouping Protocol Using a Deck of Cards. March 19, 2018
Secure Grouping Protocol Using a Deck of Cards Yuji Hashimoto, Kazumasa Shinagawa, Koji Nuida, Masaki Inamura, Goichiro Hanaoka March 19, 2018 arxiv:1709.07785v1 [cs.cr] 22 Sep 2017 Abstract We consider
More informationOn the Complexity of Broadcast Setup
On the Complexity of Broadcast Setup Martin Hirt, Pavel Raykov ETH Zurich, Switzerland {hirt,raykovp}@inf.ethz.ch July 5, 2013 Abstract Byzantine broadcast is a distributed primitive that allows a specific
More informationNote Computations with a deck of cards
Theoretical Computer Science 259 (2001) 671 678 www.elsevier.com/locate/tcs Note Computations with a deck of cards Anton Stiglic Zero-Knowledge Systems Inc, 888 de Maisonneuve East, 6th Floor, Montreal,
More informationCard-Based Zero-Knowledge Proof for Sudoku
Card-Based Zero-Knowledge Proof for Sudoku Tatsuya Sasaki Graduate School of Information Sciences, Tohoku University 6 3 09 Aramaki-Aza-Aoba, Aoba, Sendai 980 8579, Japan tatsuya.sasaki.p2@dc.tohoku.ac.jp
More informationTheory of Probability - Brett Bernstein
Theory of Probability - Brett Bernstein Lecture 3 Finishing Basic Probability Review Exercises 1. Model flipping two fair coins using a sample space and a probability measure. Compute the probability of
More informationEliminating Random Permutation Oracles in the Even-Mansour Cipher. Zulfikar Ramzan. Joint work w/ Craig Gentry. DoCoMo Labs USA
Eliminating Random Permutation Oracles in the Even-Mansour Cipher Zulfikar Ramzan Joint work w/ Craig Gentry DoCoMo Labs USA ASIACRYPT 2004 Outline Even-Mansour work and open problems. Main contributions
More informationHow to Implement a Random Bisection Cut
How to Implement a Random Bisection Cut Itaru UEDA 1 Akihiro NISHIMURA 1 Yu ichi HAYASHI 2 Takaaki MIZUKI 1 Hideaki SONE 1 1 Tohoku University 2 Tohoku Gakuin University TPNC 2016 Introduction What is
More informationJuan Garay (Yahoo Labs) Clint Givens (Maine School of Science and Mathematics) Rafail Ostrovsky (UCLA) Pavel Raykov (ETH)
Broadcast (and Round) Efficient Secure Multiparty Computation Juan Garay (Yahoo Labs) Clint Givens (Maine School of Science and Mathematics) Rafail Ostrovsky (UCLA) Pavel Raykov (ETH) Secure Multiparty
More informationA SECURITY MODEL FOR ANONYMOUS CREDENTIAL SYSTEMS
A SECURITY MODEL FOR ANONYMOUS CREDENTIAL SYSTEMS Andreas Pashalidis* and Chris J. Mitchell Information Security Group, Royal Holloway, University of London { A.Pashalidis,C.Mitchell }@rhul.ac.uk Abstract
More informationAutomated Analysis and Synthesis of Block-Cipher Modes of Operation
Automated Analysis and Synthesis of Block-Cipher Modes of Operation Alex J. Malozemoff 1 Jonathan Katz 1 Matthew D. Green 2 1 University of Maryland 2 Johns Hopkins University Presented at the Fall Protocol
More informationLossy Compression of Permutations
204 IEEE International Symposium on Information Theory Lossy Compression of Permutations Da Wang EECS Dept., MIT Cambridge, MA, USA Email: dawang@mit.edu Arya Mazumdar ECE Dept., Univ. of Minnesota Twin
More informationNotes for Recitation 3
6.042/18.062J Mathematics for Computer Science September 17, 2010 Tom Leighton, Marten van Dijk Notes for Recitation 3 1 State Machines Recall from Lecture 3 (9/16) that an invariant is a property of a
More informationIntroduction to Algorithms / Algorithms I Lecturer: Michael Dinitz Topic: Algorithms and Game Theory Date: 12/4/14
600.363 Introduction to Algorithms / 600.463 Algorithms I Lecturer: Michael Dinitz Topic: Algorithms and Game Theory Date: 12/4/14 25.1 Introduction Today we re going to spend some time discussing game
More informationLecture 6: Basics of Game Theory
0368.4170: Cryptography and Game Theory Ran Canetti and Alon Rosen Lecture 6: Basics of Game Theory 25 November 2009 Fall 2009 Scribes: D. Teshler Lecture Overview 1. What is a Game? 2. Solution Concepts:
More informationRobust Key Establishment in Sensor Networks
Robust Key Establishment in Sensor Networks Yongge Wang Abstract Secure communication guaranteeing reliability, authenticity, and privacy in sensor networks with active adversaries is a challenging research
More informationCollusion-Free Multiparty Computation in the Mediated Model
Collusion-Free Multiparty Computation in the Mediated Model Joël Alwen 1, Jonathan Katz 2, Yehuda Lindell 3, Giuseppe Persiano 4, abhi shelat 5, and Ivan Visconti 4 1 New York University, USA, jalwen@cs.nyu.edu
More informationof the hypothesis, but it would not lead to a proof. P 1
Church-Turing thesis The intuitive notion of an effective procedure or algorithm has been mentioned several times. Today the Turing machine has become the accepted formalization of an algorithm. Clearly
More informationTime-Memory Trade-Offs for Side-Channel Resistant Implementations of Block Ciphers. Praveen Vadnala
Time-Memory Trade-Offs for Side-Channel Resistant Implementations of Block Ciphers Praveen Vadnala Differential Power Analysis Implementations of cryptographic systems leak Leaks from bit 1 and bit 0 are
More informationSenior Math Circles February 10, 2010 Game Theory II
1 University of Waterloo Faculty of Mathematics Centre for Education in Mathematics and Computing Senior Math Circles February 10, 2010 Game Theory II Take-Away Games Last Wednesday, you looked at take-away
More informationDELIS-TR Provable Unlinkability Against Traffic Analysis already after log(n) steps!
Project Number 001907 DELIS Dynamically Evolving, Large-scale Information Systems Integrated Project Member of the FET Proactive Initiative Complex Systems DELIS-TR-0134 Provable Unlinkability Against
More informationarxiv:cs/ v1 [cs.gt] 7 Sep 2006
Rational Secret Sharing and Multiparty Computation: Extended Abstract Joseph Halpern Department of Computer Science Cornell University Ithaca, NY 14853 halpern@cs.cornell.edu Vanessa Teague Department
More informationStanford University CS261: Optimization Handout 9 Luca Trevisan February 1, 2011
Stanford University CS261: Optimization Handout 9 Luca Trevisan February 1, 2011 Lecture 9 In which we introduce the maximum flow problem. 1 Flows in Networks Today we start talking about the Maximum Flow
More informationREU 2006 Discrete Math Lecture 3
REU 006 Discrete Math Lecture 3 Instructor: László Babai Scribe: Elizabeth Beazley Editors: Eliana Zoque and Elizabeth Beazley NOT PROOFREAD - CONTAINS ERRORS June 6, 006. Last updated June 7, 006 at :4
More information"P2P Scrabble. Can P2P games commence?"
"P2P Scrabble. Can P2P games commence?" Adam Wierzbicki* Tomasz Kucharski* adamw@pjwstk.edu.pl *Polish-Japanese Institute of Information Technology ul. Koszykowa 86, 02-008 Warsaw, Poland Abstract The
More informationCS188: Section Handout 1, Uninformed Search SOLUTIONS
Note that for many problems, multiple answers may be correct. Solutions are provided to give examples of correct solutions, not to indicate that all or possible solutions are wrong. Work on following problems
More informationA Recursive Threshold Visual Cryptography Scheme
A Recursive Threshold Visual Cryptography cheme Abhishek Parakh and ubhash Kak Department of Computer cience Oklahoma tate University tillwater, OK 74078 Abstract: This paper presents a recursive hiding
More informationMore Great Ideas in Theoretical Computer Science. Lecture 1: Sorting Pancakes
15-252 More Great Ideas in Theoretical Computer Science Lecture 1: Sorting Pancakes January 19th, 2018 Question If there are n pancakes in total (all in different sizes), what is the max number of flips
More informationTiling Problems. This document supersedes the earlier notes posted about the tiling problem. 1 An Undecidable Problem about Tilings of the Plane
Tiling Problems This document supersedes the earlier notes posted about the tiling problem. 1 An Undecidable Problem about Tilings of the Plane The undecidable problems we saw at the start of our unit
More informationGeneric Attacks on Feistel Schemes
Generic Attacks on Feistel Schemes -Extended Version- Jacques Patarin PRiSM, University of Versailles, 45 av. des États-Unis, 78035 Versailles Cedex, France This paper is the extended version of the paper
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Previously Pseudorandom Functions and Permutaitons Modes of Operation Pseudorandom Functions Functions that look like random
More informationLecture 18 - Counting
Lecture 18 - Counting 6.0 - April, 003 One of the most common mathematical problems in computer science is counting the number of elements in a set. This is often the core difficulty in determining a program
More informationpaioli Power Analysis Immunity by Offsetting Leakage Intensity Sylvain Guilley perso.enst.fr/ guilley Telecom ParisTech
paioli Power Analysis Immunity by Offsetting Leakage Intensity Pablo Rauzy rauzy@enst.fr pablo.rauzy.name Sylvain Guilley guilley@enst.fr perso.enst.fr/ guilley Zakaria Najm znajm@enst.fr Telecom ParisTech
More informationLecture 28: Applications of Crypto Protocols
U.C. Berkeley Lecture 28 CS276: Cryptography April 27, 2006 Professor David Wagner Scribe: Scott Monasch Lecture 28: Applications of Crypto Protocols 1 Electronic Payment Protocols For this section we
More informationEdge-disjoint tree representation of three tree degree sequences
Edge-disjoint tree representation of three tree degree sequences Ian Min Gyu Seong Carleton College seongi@carleton.edu October 2, 208 Ian Min Gyu Seong (Carleton College) Trees October 2, 208 / 65 Trees
More informationThe next several lectures will be concerned with probability theory. We will aim to make sense of statements such as the following:
CS 70 Discrete Mathematics for CS Fall 2004 Rao Lecture 14 Introduction to Probability The next several lectures will be concerned with probability theory. We will aim to make sense of statements such
More informationReading 14 : Counting
CS/Math 240: Introduction to Discrete Mathematics Fall 2015 Instructors: Beck Hasti, Gautam Prakriya Reading 14 : Counting In this reading we discuss counting. Often, we are interested in the cardinality
More informationDealing with some maths
Dealing with some maths Hayden Tronnolone School of Mathematical Sciences University of Adelaide August 20th, 2012 To call a spade a spade First, some dealing... Hayden Tronnolone (University of Adelaide)
More informationCS 261 Notes: Zerocash
CS 261 Notes: Zerocash Scribe: Lynn Chua September 19, 2018 1 Introduction Zerocash is a cryptocurrency which allows users to pay each other directly, without revealing any information about the parties
More informationGeneric Attacks on Feistel Schemes
Generic Attacks on Feistel Schemes Jacques Patarin 1, 1 CP8 Crypto Lab, SchlumbergerSema, 36-38 rue de la Princesse, BP 45, 78430 Louveciennes Cedex, France PRiSM, University of Versailles, 45 av. des
More informationA Cryptosystem Based on the Composition of Reversible Cellular Automata
A Cryptosystem Based on the Composition of Reversible Cellular Automata Adam Clarridge and Kai Salomaa Technical Report No. 2008-549 Queen s University, Kingston, Canada {adam, ksalomaa}@cs.queensu.ca
More informationPrinciple of Inclusion-Exclusion Notes
Principle of Inclusion-Exclusion Notes The Principle of Inclusion-Exclusion (often abbreviated PIE is the following general formula used for finding the cardinality of a union of finite sets. Theorem 0.1.
More informationGame Theory Lecturer: Ji Liu Thanks for Jerry Zhu's slides
Game Theory ecturer: Ji iu Thanks for Jerry Zhu's slides [based on slides from Andrew Moore http://www.cs.cmu.edu/~awm/tutorials] slide 1 Overview Matrix normal form Chance games Games with hidden information
More informationFast Sorting and Pattern-Avoiding Permutations
Fast Sorting and Pattern-Avoiding Permutations David Arthur Stanford University darthur@cs.stanford.edu Abstract We say a permutation π avoids a pattern σ if no length σ subsequence of π is ordered in
More informationAsynchronous Best-Reply Dynamics
Asynchronous Best-Reply Dynamics Noam Nisan 1, Michael Schapira 2, and Aviv Zohar 2 1 Google Tel-Aviv and The School of Computer Science and Engineering, The Hebrew University of Jerusalem, Israel. 2 The
More informationExploring Signature Schemes with Subliminal Channel
SCIS 2003 The 2003 Symposium on Cryptography and Information Security Hamamatsu,Japan, Jan.26-29,2003 The Institute of Electronics, Information and Communication Engineers Exploring Signature Schemes with
More informationTIME encoding of a band-limited function,,
672 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS II: EXPRESS BRIEFS, VOL. 53, NO. 8, AUGUST 2006 Time Encoding Machines With Multiplicative Coupling, Feedforward, and Feedback Aurel A. Lazar, Fellow, IEEE
More informationMedium Access Control via Nearest-Neighbor Interactions for Regular Wireless Networks
Medium Access Control via Nearest-Neighbor Interactions for Regular Wireless Networks Ka Hung Hui, Dongning Guo and Randall A. Berry Department of Electrical Engineering and Computer Science Northwestern
More informationComputational aspects of two-player zero-sum games Course notes for Computational Game Theory Section 3 Fall 2010
Computational aspects of two-player zero-sum games Course notes for Computational Game Theory Section 3 Fall 21 Peter Bro Miltersen November 1, 21 Version 1.3 3 Extensive form games (Game Trees, Kuhn Trees)
More informationDeterministic Symmetric Rendezvous with Tokens in a Synchronous Torus
Deterministic Symmetric Rendezvous with Tokens in a Synchronous Torus Evangelos Kranakis 1,, Danny Krizanc 2, and Euripides Markou 3, 1 School of Computer Science, Carleton University, Ottawa, Ontario,
More informationON THE PERMUTATIONAL POWER OF TOKEN PASSING NETWORKS.
ON THE PERMUTATIONAL POWER OF TOKEN PASSING NETWORKS. M. H. ALBERT, N. RUŠKUC, AND S. LINTON Abstract. A token passing network is a directed graph with one or more specified input vertices and one or more
More informationConnected Identifying Codes
Connected Identifying Codes Niloofar Fazlollahi, David Starobinski and Ari Trachtenberg Dept. of Electrical and Computer Engineering Boston University, Boston, MA 02215 Email: {nfazl,staro,trachten}@bu.edu
More informationIn Response to Peg Jumping for Fun and Profit
In Response to Peg umping for Fun and Profit Matthew Yancey mpyancey@vt.edu Department of Mathematics, Virginia Tech May 1, 2006 Abstract In this paper we begin by considering the optimal solution to a
More informationThe topic for the third and final major portion of the course is Probability. We will aim to make sense of statements such as the following:
CS 70 Discrete Mathematics for CS Spring 2006 Vazirani Lecture 17 Introduction to Probability The topic for the third and final major portion of the course is Probability. We will aim to make sense of
More informationYale University Department of Computer Science
LUX ETVERITAS Yale University Department of Computer Science Secret Bit Transmission Using a Random Deal of Cards Michael J. Fischer Michael S. Paterson Charles Rackoff YALEU/DCS/TR-792 May 1990 This work
More informationIdentity-based multisignature with message recovery
University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers: Part A Faculty of Engineering and Information Sciences 2013 Identity-based multisignature with message
More informationUsing Proof-of-Work to Coordinate
Using Proof-of-Work to Coordinate Adam Brandenburger* and Kai Steverson * J.P. Valles Professor, NYU Stern School of Business Distinguished Professor, NYU Tandon School of Engineering Faculty Director,
More informationDecoding Distance-preserving Permutation Codes for Power-line Communications
Decoding Distance-preserving Permutation Codes for Power-line Communications Theo G. Swart and Hendrik C. Ferreira Department of Electrical and Electronic Engineering Science, University of Johannesburg,
More informationGame Theory and Algorithms Lecture 19: Nim & Impartial Combinatorial Games
Game Theory and Algorithms Lecture 19: Nim & Impartial Combinatorial Games May 17, 2011 Summary: We give a winning strategy for the counter-taking game called Nim; surprisingly, it involves computations
More informationOn Symmetric Key Broadcast Encryption
On Symmetric Key Broadcast Encryption Sanjay Bhattacherjee and Palash Sarkar Indian Statistical Institute, Kolkata Elliptic Curve Cryptography (This is not) 2014 Bhattacherjee and Sarkar Symmetric Key
More informationEnabling Trust in e-business: Research in Enterprise Privacy Technologies
Enabling Trust in e-business: Research in Enterprise Privacy Technologies Dr. Michael Waidner IBM Zurich Research Lab http://www.zurich.ibm.com / wmi@zurich.ibm.com Outline Motivation Privacy-enhancing
More informationSecure multiparty computation without one-way functions
Secure multiparty computation without one-way functions Dima Grigoriev CNRS, Mathématiques, Université de Lille 59655, Villeneuve d Ascq, France dmitry.grigoryev@math.univ-lille1.fr Vladimir Shpilrain
More informationNurikabe puzzle. Zhen Zuo
Nurikabe puzzle Zhen Zuo ABSTRACT Single-player games (often called puzzles) have received considerable attention from the scientific community. Consequently, interesting insights into some puzzles, and
More informationAsymptotically Optimal Two-Round Perfectly Secure Message Transmission
Asymptotically Optimal Two-Round Perfectly Secure Message Transmission Saurabh Agarwal 1, Ronald Cramer 2 and Robbert de Haan 3 1 Basic Research in Computer Science (http://www.brics.dk), funded by Danish
More informationMultiplayer Pushdown Games. Anil Seth IIT Kanpur
Multiplayer Pushdown Games Anil Seth IIT Kanpur Multiplayer Games we Consider These games are played on graphs (finite or infinite) Generalize two player infinite games. Any number of players are allowed.
More informationCryptography. Module in Autumn Term 2016 University of Birmingham. Lecturers: Mark D. Ryan and David Galindo
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 1 Cryptography Module in Autumn Term 2016 University of Birmingham Lecturers: Mark D. Ryan and David Galindo Slides originally written
More informationCS1800: Intro to Probability. Professor Kevin Gold
CS1800: Intro to Probability Professor Kevin Gold Probability Deals Rationally With an Uncertain World Using probabilities is the only rational way to deal with uncertainty De Finetti: If you disagree,
More informationA Random Network Coding-based ARQ Scheme and Performance Analysis for Wireless Broadcast
ISSN 746-7659, England, U Journal of Information and Computing Science Vol. 4, No., 9, pp. 4-3 A Random Networ Coding-based ARQ Scheme and Performance Analysis for Wireless Broadcast in Yang,, +, Gang
More informationGAMBLING ( ) Name: Partners: everyone else in the class
Name: Partners: everyone else in the class GAMBLING Games of chance, such as those using dice and cards, oporate according to the laws of statistics: the most probable roll is the one to bet on, and the
More informationSimple And Efficient Shuffling With Provable Correctness and ZK Privacy
Simple And Efficient Shuffling With Provable Correctness and ZK Privacy Kun Peng, Colin Boyd and Ed Dawson Information Security Institute Queensland University of Technology {k.peng, c.boyd, e.dawson}@qut.edu.au
More informationAndrei Sabelfeld. Joint work with Per Hallgren and Martin Ochoa
Andrei Sabelfeld Joint work with Per Hallgren and Martin Ochoa Privacy for location based services Explosion of interest to location based services (LBS) locating people, vehicles, vessels, cargo, devices
More informationIntroduction to. Algorithms. Lecture 10. Prof. Constantinos Daskalakis CLRS
6.006- Introduction to Algorithms Lecture 10 Prof. Constantinos Daskalakis CLRS 8.1-8.4 Menu Show that Θ(n lg n) is the best possible running time for a sorting algorithm. Design an algorithm that sorts
More informationLearning via Delayed Knowledge A Case of Jamming. SaiDhiraj Amuru and R. Michael Buehrer
Learning via Delayed Knowledge A Case of Jamming SaiDhiraj Amuru and R. Michael Buehrer 1 Why do we need an Intelligent Jammer? Dynamic environment conditions in electronic warfare scenarios failure of
More informationSome Cryptanalysis of the Block Cipher BCMPQ
Some Cryptanalysis of the Block Cipher BCMPQ V. Dimitrova, M. Kostadinoski, Z. Trajcheska, M. Petkovska and D. Buhov Faculty of Computer Science and Engineering Ss. Cyril and Methodius University, Skopje,
More informationFrom permutations to graphs
From permutations to graphs well-quasi-ordering and infinite antichains Robert Brignall Joint work with Atminas, Korpelainen, Lozin and Vatter 28th November 2014 Orderings on Structures Pick your favourite
More informationSome algorithmic and combinatorial problems on permutation classes
Some algorithmic and combinatorial problems on permutation classes The point of view of decomposition trees PhD Defense, 2009 December the 4th Outline 1 Objects studied : Permutations, Patterns and Classes
More informationThe Capability of Error Correction for Burst-noise Channels Using Error Estimating Code
The Capability of Error Correction for Burst-noise Channels Using Error Estimating Code Yaoyu Wang Nanjing University yaoyu.wang.nju@gmail.com June 10, 2016 Yaoyu Wang (NJU) Error correction with EEC June
More informationA Visual Cryptography Based Watermark Technology for Individual and Group Images
A Visual Cryptography Based Watermark Technology for Individual and Group Images Azzam SLEIT (Previously, Azzam IBRAHIM) King Abdullah II School for Information Technology, University of Jordan, Amman,
More informationSome t-homogeneous sets of permutations
Some t-homogeneous sets of permutations Jürgen Bierbrauer Department of Mathematical Sciences Michigan Technological University Houghton, MI 49931 (USA) Stephen Black IBM Heidelberg (Germany) Yves Edel
More informationTeaching the TERNARY BASE
Features Teaching the TERNARY BASE Using a Card Trick SUHAS SAHA Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke, Profiles of the Future: An Inquiry Into the Limits
More informationFormal Description of the Chord Protocol using ASM
Formal Description of the Chord Protocol using ASM Bojan Marinković 1, Paola Glavan 2, Zoran Ognjanović 1 Mathematical Institute of the Serbian Academy of Sciences and Arts 1 Belgrade, Serbia [bojanm,
More informationPrivacy-Preserving Collaborative Recommendation Systems Based on the Scalar Product
Privacy-Preserving Collaborative Recommendation Systems Based on the Scalar Product Justin Zhan I-Cheng Wang Abstract In the e-commerce era, recommendation systems were introduced to share customer experience
More informationThe Complexity of Sorting with Networks of Stacks and Queues
The Complexity of Sorting with Networks of Stacks and Queues Stefan Felsner Institut für Mathematik, Technische Universität Berlin. felsner@math.tu-berlin.de Martin Pergel Department of Applied Mathematics
More informationIntroduction to Auction Theory: Or How it Sometimes
Introduction to Auction Theory: Or How it Sometimes Pays to Lose Yichuan Wang March 7, 20 Motivation: Get students to think about counter intuitive results in auctions Supplies: Dice (ideally per student)
More informationSF2972: Game theory. Mark Voorneveld, February 2, 2015
SF2972: Game theory Mark Voorneveld, mark.voorneveld@hhs.se February 2, 2015 Topic: extensive form games. Purpose: explicitly model situations in which players move sequentially; formulate appropriate
More informationCSE 312: Foundations of Computing II Quiz Section #2: Inclusion-Exclusion, Pigeonhole, Introduction to Probability (solutions)
CSE 31: Foundations of Computing II Quiz Section #: Inclusion-Exclusion, Pigeonhole, Introduction to Probability (solutions) Review: Main Theorems and Concepts Binomial Theorem: x, y R, n N: (x + y) n
More informationAlgorithmic Game Theory and Applications. Kousha Etessami
Algorithmic Game Theory and Applications Lecture 17: A first look at Auctions and Mechanism Design: Auctions as Games, Bayesian Games, Vickrey auctions Kousha Etessami Food for thought: sponsored search
More informationUnlinkability and Redundancy in Anonymous Publication Systems
Unlinkability and Redundancy in Anonymous Publication Systems Christian Boesgaard pink@diku.dk Department of Computer Science University of Copenhagen Denmark January 22, 2004 1 Introduction An anonymous
More informationOn the Price of Proactivizing Round-Optimal Perfectly Secret Message Transmission
On the Price of Proactivizing Round-Optimal Perfectly Secret Message Transmission Ravi Kishore Ashutosh Kumar Chiranjeevi Vanarasa Kannan Srinathan Abstract In a network of n nodes (modelled as a digraph),
More informationGame Theoretic Resistance to DoS Attacks Using Hidden Difficul
Game Theoretic Resistance to DoS Attacks Using Hidden Difficulty Puzzles Harikrishna 1, Venkatanathan 1 and Pandu Rangan 2 1 College of Engineering Guindy, Anna University Chennai,Tamil Nadu, India 2 Indian
More information/633 Introduction to Algorithms Lecturer: Michael Dinitz Topic: Algorithmic Game Theory Date: 12/6/18
601.433/633 Introduction to Algorithms Lecturer: Michael Dinitz Topic: Algorithmic Game Theory Date: 12/6/18 24.1 Introduction Today we re going to spend some time discussing game theory and algorithms.
More informationTCP/IP COVERT TIMING CHANNEL: THEORY TO IMPLEMENTATION. Sarah H. Sellke, Chih-Chun Wang Saurabh Bagchi, and Ness B. Shroff
1 TCP/IP COVERT TIMING CHANNEL: THEORY TO IMPLEMENTATION Sarah H. Sellke, Chih-Chun Wang Saurabh Bagchi, and Ness B. Shroff NETWORK COVERT TIMING CHANNELS Confidential Data 1 of RECENT WORK IP Covert Timing
More informationp 1 MAX(a,b) + MIN(a,b) = a+b n m means that m is a an integer multiple of n. Greatest Common Divisor: We say that n divides m.
Great Theoretical Ideas In Computer Science Steven Rudich CS - Spring Lecture Feb, Carnegie Mellon University Modular Arithmetic and the RSA Cryptosystem p- p MAX(a,b) + MIN(a,b) = a+b n m means that m
More informationStupid Columnsort Tricks Dartmouth College Department of Computer Science, Technical Report TR
Stupid Columnsort Tricks Dartmouth College Department of Computer Science, Technical Report TR2003-444 Geeta Chaudhry Thomas H. Cormen Dartmouth College Department of Computer Science {geetac, thc}@cs.dartmouth.edu
More informationLESSON 2. Opening Leads Against Suit Contracts. General Concepts. General Introduction. Group Activities. Sample Deals
LESSON 2 Opening Leads Against Suit Contracts General Concepts General Introduction Group Activities Sample Deals 40 Defense in the 21st Century General Concepts Defense The opening lead against trump
More information