Paul Feldman

A practical scheme for non-interactive verifiable secret sharing

This paper presents an extremely efficient, non-interactive protocol for verifiable secret sharing. Verifiable secret sharing (VSS) is a way of bequeathing information to a set of processors such that a quorum of processors is needed to access the information. VSS is a fundamental tool of cryptography and distributed computing. Seemingly difficult problems such as secret bidding, fair voting, leader election, and flipping a fair coin have simple one-round reductions to VSS. There is a constant-round reduction from Byzantine Agreement to non-interactive VSS. Non-interactive VSS provides asynchronous networks with a constant-round simulation of simultaneous broadcast networks whenever even a bare majority of processors are good. VSS is constantly repeated in the simulation of fault-free protocols by faulty systems. As verifiable secret sharing is a bottleneck for so many results, it is essential to find efficient solutions.

Non-interactive zero-knowledge and its applications

We show that interaction in <italic>any</italic> zero-knowledge proof can be replaced by sharing a common, short, random string. We use this result to construct the <italic>first</italic> public-key cryptosystem secure against chosen ciphertext attack.

Optimal algorithms for Byzantine agreement

We exhibit randomized Byzantine agreement (BA) algorithms achieving optimal running time and fault tolerance against all types of adversaries ever considered in the literature. Our BA algorithms do not require trusted parties, preprocessing, or non-constructive arguments. Given private communication lines, we show that <italic>n</italic> processors can reach <italic>BA</italic> in expected constant time <list><item>in a <italic>syncronous</italic> network if any < <italic>n</italic>/3 faults occur </item><item>in an <italic>asynchronous</italic> network if any < <italic>n</italic>/4 faults occur </item></list> For both synchronous and asynchronous networks whose lines do not guarantee private communication, we may use cryptography to obtain algorithms optimal both in fault tolerance and running time against computationally bounded adversaries. (Thus, in this setting, we tolerate up to <italic>n</italic>/3 faults even in an asynchronous network.)

Wide-sense nonblocking networks

A new method for constructing wide-sense nonblocking networks is presented. Application of this method yields (among other things) wide-sense nonblocking generalized connectors with n inputs and outputs and size

Proving Security Against Chosen Cyphertext Attacks

O( n\log n )

Byzantine agreement in constant expected time

, and with depth k and size

An Optimal Probabilistic Algorithm For Synchronous Byzantine Agreement

O ( n^{1 + 1/k} ( \log n )^{1 - 1/k} )

Non-Interactive Zero-Knowledge and Its Applications (Extended Abstract)

.

An optimal algorithm for synchronous byzantine agreement

The relevance of zero knowledge to cryptography has become apparent in the recent years. In this paper we advance this theory by showing that interaction in any zero-knowledge proof can be replaced by sharing a common, short, random string. This advance finds immediate application in the construction of the first public-key cryptosystem secure against chosen ciphertext attack.Our solution, though not yet practical, is of theoretical significance, since the existence of cryptosystems secure against chosen ciphertext attack has been a famous long-standing open problem in the field.

Non-Interactive Zero-Knowledge Proof Systems and Applications

We present a novel cryptographic algorithm for Byzantine agreement in a network with l=O(n) faulty processors and in the most adversarial setting. Our algorithm requires, once and for all, O(t) rounds of preprocessing. Afterwards it allows us to reach each individual Byzantine agreement in constant expected time. Our solution does not make use of any trusted party.