Publication


Featured research published by Alessandra Scafuro.


theory and application of cryptographic techniques | 2013

Universally Composable Secure Computation with (Malicious) Physically Uncloneable Functions

Rafail Ostrovsky; Alessandra Scafuro; Ivan Visconti; Akshay Wadia

Physically Uncloneable Functions (PUFs) [28] are noisy physical sources of randomness. As such, they are naturally appealing for cryptographic applications, and have caught the interest of both theoreticians and practitioners. A major step towards understanding and securely using PUFs was recently taken in [Crypto 2011] where Brzuska, Fischlin, Schroder and Katzenbeisser model PUFs in the Universal Composition (UC) framework of Canetti [FOCS 2001]. A salient feature of their model is that it considers trusted PUFs only; that is, PUFs which have been produced via the prescribed manufacturing process and are guaranteed to be free of any adversarial influence. However, this does not accurately reflect real-life scenarios, where an adversary could be able to create and use malicious PUFs.


international cryptology conference | 2016

Adaptively Secure Garbled Circuits from One-Way Functions

Brett Hemenway; Zahra Jafargholi; Rafail Ostrovsky; Alessandra Scafuro; Daniel Wichs

A garbling scheme is used to garble a circuit C and an input x in a way that reveals the output C(x) but hides everything else. In many settings, the circuit can be garbled off-line without strict efficiency constraints, but the input must be garbled very efficiently on-line, with much lower complexity than evaluating the circuit. Yao's garbling scheme [31] has essentially optimal on-line complexity, but only achieves selective security, where the adversary must choose the input x prior to seeing the garbled circuit. It has remained an open problem to achieve adaptive security, where the adversary can choose x after seeing the garbled circuit, while preserving on-line efficiency. In this work, we modify Yao's scheme in a way that allows us to prove adaptive security under one-way functions. In our main instantiation we achieve on-line complexity only proportional to the width w of the circuit. Alternatively we can also get an instantiation with on-line complexity only proportional to the depth d and the output size of the circuit, albeit incurring in a


international conference on the theory and application of cryptology and information security | 2013

Unconditionally Secure and Universally Composable Commitments from Physical Assumptions

Ivan Damgård; Alessandra Scafuro


theory of cryptography conference | 2012

Simultaneously resettable arguments of knowledge

Chongwon Cho; Rafail Ostrovsky; Alessandra Scafuro; Ivan Visconti

2^{O(d)}


theory and application of cryptographic techniques | 2012

On round-optimal zero knowledge in the bare public-key model

Alessandra Scafuro; Ivan Visconti


international cryptology conference | 2015

Round-Optimal Black-Box Two-Party Computation

Rafail Ostrovsky; Silas Richelson; Alessandra Scafuro

security loss in our reduction. More broadly, we relate the on-line complexity of adaptively secure garbling schemes in our framework to a certain type of pebble complexity of the circuit. As our main tool, of independent interest, we develop a new notion of somewhere equivocal encryption, which allows us to efficiently equivocate on a small subset of the message bits.


theory of cryptography conference | 2016

Improved OR-Composition of Sigma-Protocols

Michele Ciampi; Giuseppe Persiano; Alessandra Scafuro; Luisa Siniscalchi; Ivan Visconti

We present a constant-round unconditional black-box compiler that transforms any ideal (i.e., statistically-hiding and statistically-binding) straight-line extractable commitment scheme, into an extractable and equivocal commitment scheme, therefore yielding to UC-security [9]. We exemplify the usefulness of our compiler by providing two (constant-round) instantiations of ideal straight-line extractable commitment based on (malicious) PUFs [36] and stateless tamper-proof hardware tokens [26], therefore achieving the first unconditionally UC-secure commitment with malicious PUFs and stateless tokens, respectively. Our constructions are secure for adversaries creating arbitrarily malicious stateful PUFs/tokens.


trans. computational science | 2010

Impossibility results for RFID privacy notions

Frederik Armknecht; Ahmad-Reza Sadeghi; Alessandra Scafuro; Ivan Visconti; Christian Wachsmann

In this work, we study simultaneously resettable arguments of knowledge. As our main result, we show a construction of a constant-round simultaneously resettable witness-indistinguishable argument of knowledge (simresWIAoK, for short) for any NP language. We also show two applications of simresWIAoK: the first constant-round simultaneously resettable zero-knowledge argument of knowledge in the Bare Public-Key Model; and the first simultaneously resettable identification scheme which follows the knowledge extraction paradigm.


theory of cryptography conference | 2013

Revisiting lower and upper bounds for selective decommitments

Rafail Ostrovsky; Vanishree Rao; Alessandra Scafuro; Ivan Visconti

In this paper we revisit previous work in the BPK model and point out subtle problems concerning security proofs of concurrent and resettable zero knowledge (cZK and rZK, for short). Our analysis shows that the cZK and rZK simulations proposed for previous (in particular all round-optimal) protocols are distinguishable from real executions. Therefore some of the questions about achieving round optimal cZK and rZK in the BPK model are still open. We then show our main protocol, ΠcZK, that is a round-optimal concurrently sound cZK argument of knowledge (AoK, for short) for NP under standard complexity-theoretic assumptions. Next, using complexity leveraging arguments, we show a protocol ΠrZK that is round-optimal and concurrently sound rZK for NP. Finally we show that ΠcZK and ΠrZK can be instantiated efficiently through transformations based on number-theoretic assumptions. Indeed, starting from any language admitting a perfect Σ-protocol, they produce concurrently sound protocols ΠcZK and ΠrZK, where ΠcZK is a round-optimal cZKAoK, and ΠrZK is a 5-round rZK argument. The rZK protocols are mainly inherited from the ones of Yung and Zhao [31].


international cryptology conference | 2016

Online/Offline OR Composition of Sigma Protocols

Michele Ciampi; Giuseppe Persiano; Alessandra Scafuro; Luisa Siniscalchi; Ivan Visconti

In [Eurocrypt 2004] Katz and Ostrovsky establish the exact round complexity of secure two-party computation with respect to black-box proofs of security. They prove that 5 rounds are necessary for secure two-party protocols (4 rounds are sufficient if only one party receives the output) and provide a protocol that matches such lower bound. The main challenge when designing such a protocol is to parallelize the proofs of consistency provided by both parties – necessary when security against malicious adversaries is considered – in 4 rounds. Toward this goal they employ specific proofs in which the statement can be unspecified till the last round but that require non-black-box access to the underlying primitives.

Collaboration


Top Co-Authors

Daniel Wichs

Northeastern University

Akshay Wadia

University of California

Mike Rosulek

Oregon State University
