Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs*

41 Pages Posted: 9 Jul 2008

See all articles by Jonathan Katz

Jonathan Katz

University of Maryland Department of Computer Science

Yehuda Lindell

affiliation not provided to SSRN

Date Written: July 20, 2006

Abstract

The standard class of adversaries considered in cryptography is that of strict polynomial-time probabilistic machines. However, expected polynomial-time machines are often also considered. For example, there are many zero-knowledge protocols for which the only known simulation techniques run in expected (and not strict) polynomial time. In addition, it has been shown that expected polynomial-time simulation is essential for achieving constant-round black-box zero-knowledge protocols. This reliance on expected polynomial-time simulation introduces a number of conceptual and technical difficulties. In this paper, we develop techniques for dealing with expected polynomial-time adversaries in simulation-based security proofs.

Suggested Citation

Katz, Jonathan and Lindell, Yehuda, Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs* (July 20, 2006). Available at SSRN: https://ssrn.com/abstract=1157396 or http://dx.doi.org/10.2139/ssrn.1157396

Jonathan Katz (Contact Author)

University of Maryland Department of Computer Science ( email )

College Park
College Park, MD 20742
United States

Yehuda Lindell

affiliation not provided to SSRN

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
35
Abstract Views
480
PlumX Metrics