Selected presentations and publications
to Cryptography, a short (5-hour) course on Cryptography and its applications.
Recorder by Network Northeastern. Contact NTU for (video) copies.
Security proofs for practical encryption schemes,
invited presentation at Lucent Technologies, Bell Labs, April 17, 98.
For a technical view, refer to the paper published
in PKC '98 on ElGamal encryption.
Fast A-Key distribution with OTASP, presented
in the January '97 AHAG meeting, January 8th, '98, New Orleans, LA. The
related paper has been accepted in the IEEE
Symposium of Security and Privacy.
Invited talk on Balancing Anonymity and Accountability,
as part of a panel discussion given at the University of Wisconsin at Milwaukee,
December 12th, 1997. An abstract is available.
A relevant article on anonymous cash appeared in the Milwaukee Journal
Invited talk on Anonymity in Electronic Commerce,
as part of a panel discussion given at the 22nd Conferece on Local Computer
Networks (LCN '97), Minneapolis, Minessota, November 4th, 1997.
Invited talk on Micropayments and
anonymous e-cash, for the IEEE local (New England) chapter,
February 13, 1997. Powerpoint 4.0
slides are also available.
(You may need a postscript (.ps)
previewer or an acrobat
(.pdf) reader for some of these.)
Efficient Electronic Cash: New Notions and Techniques
(1.15 Mb), my Ph.D. thesis. Browse the abstract,
or you may choose to download the compressed
postscript (500Kb). Other options available, but you have to contact
me first... Note: the RBC protocol in Chapter 5 must be corrected
(as in the "easy come-easy go divisible cash" below). A corrected version
will be posted here shortly.
Decision oracles are equivalent to matching oracles,
with Helena Handschuh and Moti Yung. To appear in 1999 International Workshop
on Practice and Theory in Public Key Cryptography '99 (PKC
'99), Kamakura, Japan, March 1-3 1999.
Easy come-easy go divisible cash, (updated
version, GTE Tech report with corrections on RBC)
with Yair Frankel and
Agnes Chan. Eurocrypt
'98, Lecture Notes in Computer Science, Elsinki, Finland, May 31-June
4 '98. pp. 561-575. Abstract and compressed
postscript are also available.
Indirect Discourse Proofs: Achieving Fair Off-Line
Electronic Cash, with Yair
Frankel and Moti Yung.
'96, Lecture Notes in Computer Science 1163, pages 286-300, November
3-7, South Korea. Abstract, compressed
On the security of ElGamal-based
encryption, with Moti Yung.
In 1998 International Workshop on Practice and Theory in Public Key Cryptography
(PKC '98), February
5-6, Yokohama, Japan. Abstract, compressed
postscript, powerpoint slides.
Exact Analysis of Exact Change, with Yair
Frankel and Boaz Patt-Shamir.
The 5th Israel Symposium on the Theory of Computing Systems (ISTCS
'97), June 17-19, Ran-Gatan Israel, pages 107-119, IEEE Computer Society
slides, compressed postscript.
Efficient key distribution
for slow computing devices: Achieving fast over-the-air activation for
wireless systems, with Chris Carroll and Yair
Frankel. In IEEE
Symposium on Security and Privacy (S&P '98), May 3-6 '98, Oakland,
CA. Astract, pdf,
compressed postscript. Copyright,
Anonymity Control in E-Cash Systems, with George
Davida, Yair Frankel and
Moti Yung. Financial
Cryptography '97, Anguilla, British West Indies, February 24-27. Abstract,
Misrepresentation of identities in e-cash schemes
and how to prevent it, with Agnes Chan, Yair
Frankel, and Phil MacKenzie. Asiacrypt
'96, Lecture Notes in Computer Science 1163, pages 276-285, November
3-7, South Korea. Abstract, compressed
Fair Off-Line Cash made easy, Asiacrypt
'98, Beijing, China, October 18-22. Lecture Notes in Computer Science.
Corrections on "Fair Off-Line E-Cash":
Contact information for Yiannis
Tsiounis, and links to crypto-related and e-cash
The proof of theorem 1, part (2) needs to be slightly modified; download
the paper from this site which is corrected in this respect.
We apologize to the authors of "Digital Payment Systems with Passive Anonymity-Revoking
Trustees", J. Camenisch, U. Maurer and M. Stadler, for mentioning in the
published version of our paper above that "based on initial calculations
their solution is perhaps less efficient than ours"; this clearly is not
the case, with their result requiring about half the computation and communication
overhead of ours. However our model is stronger, allowing the bank to perform
a search on the account database, instead of the withdrawal database, when
owner tracing ("payment-based revokation") is to be implemented. In addition
we provide security proofs for several of our protocols. The paper as it
appears on this site is corrected on this respect. The "Anonymity Control
in E-Cash Systems" paper improves on our result, bringing it on par in
terms of efficiency with "Digital Payment Systems with Passive Anonymity-Revoking
Trustees"; however our proofs still hold, thus distinguishing our system
from a security standpoint.
This cite has been accessed
times since December 4, 1997.
Back to my home page.