Shafi Goldwasser
Weizmann Institute of Science
Publication
Featured research published by Shafi Goldwasser.
symposium on the theory of computing | 1988
Michael Ben-Or; Shafi Goldwasser; Avi Wigderson
Every function of n inputs can be efficiently computed by a complete network of n processors in such a way that: (1) If no faults occur, no set of size t < n/2 of players gets any additional information (other than the function value); (2) Even if Byzantine faults are allowed, no set of size t < n/3 can either disrupt the computation or get additional information. Furthermore, the above bounds on t are tight!
Journal of the ACM | 1986
Oded Goldreich; Shafi Goldwasser; Silvio Micali
A constructive theory of randomness for functions, based on computational complexity, is developed, and a pseudorandom function generator is presented. This generator is a deterministic polynomial-time algorithm that transforms pairs (g, r), where g is any one-way function and r is a random k-bit string, to polynomial-time computable functions f_r: {1, …, 2^k} → {1, …, 2^k}. These f_r's cannot be distinguished from random functions by any probabilistic polynomial-time algorithm that asks and receives the value of a function at arguments of its choice. The result has applications in cryptography, random constructions, and complexity theory.
symposium on the theory of computing | 1985
Shafi Goldwasser; Silvio Micali; Charles Rackoff
symposium on the theory of computing | 1982
Shafi Goldwasser; Silvio Micali
This paper proposes an Encryption Scheme that possesses the following property: An adversary, who knows the encryption algorithm and is given the cyphertext, cannot obtain any information about the clear-text. Any implementation of a Public Key Cryptosystem, as proposed by Diffie and Hellman in [8], should possess this property. Our Encryption Scheme follows the ideas in the number theoretic implementations of a Public Key Cryptosystem due to Rivest, Shamir and Adleman [13], and Rabin [12].
symposium on the theory of computing | 1988
Michael Ben-Or; Shafi Goldwasser; Joe Kilian; Avi Wigderson
Quite complex cryptographic machinery has been developed based on the assumption that one-way functions exist, yet we know of only a few possible such candidates. It is important at this time to find alternative foundations to the design of secure cryptography. We introduce a new model of generalized interactive proofs as a step in this direction. We prove that all NP languages have perfect zero-knowledge proof-systems in this model, without making any intractability assumptions. The generalized interactive-proof model consists of two computationally unbounded and untrusted provers, rather than one, who jointly agree on a strategy to convince the verifier of the truth of an assertion and then engage in a polynomial number of message exchanges with the verifier in their attempt to do so. To believe the validity of the assertion, the verifier must make sure that the two provers cannot communicate with each other during the course of the proof process. Thus, the complexity assumptions made in previous work have been traded for a physical separation between the two provers. We call this new model the multi-prover interactive-proof model, and examine its properties and applicability to cryptography.
Journal of the ACM | 1996
Uriel Feige; Shafi Goldwasser; László Lovász; Shmuel Safra; Mario Szegedy
The contribution of this paper is two-fold. First, a connection is established between approximating the size of the largest clique in a graph and multi-prover interactive proofs. Second, an efficient multi-prover interactive proof for NP languages is constructed, where the verifier uses very few random bits and communication bits. Last, the connection between cliques and efficient multi-prover interaction proofs is shown to yield hardness results on the complexity of approximating the size of the largest clique in a graph. Of independent interest is our proof of correctness for the multilinearity test of functions.
international cryptology conference | 1990
Shafi Goldwasser; Leonid A. Levin
This paper describes a method for n players, a majority of which may be faulty, to compute correctly, privately, and fairly any computable function f(x_1, ..., x_n) where x_i is the input of the i-th player. The method uses as a building block an oblivious transfer primitive. Previous methods achieved these properties only for boolean functions, which, in particular, precluded composition of such protocols. We also propose a simpler definition of security for multi-player protocols which still implies previous definitions of privacy and correctness.
Archive | 1990
Shafi Goldwasser
We present strong evidence that the implication, “if one-way permutations exist, then secure secret key agreement is possible”, is not provable by standard techniques. Since both sides of this implication are widely believed true in real life, to show that the implication is false requires a new model. We consider a world where all parties have access to a black box for a randomly selected permutation. Being totally random, this permutation will be strongly one-way in a provable, information-theoretic way. We show that, if P = NP, no protocol for secret key agreement is secure in such a setting. Thus, to prove that a secret key agreement protocol which uses a one-way permutation as a black box is secure is as hard as proving P ≠ NP. We also obtain, as a corollary, that there is an oracle relative to which the implication is false, i.e., there is a one-way permutation, yet secret-exchange is impossible. Thus, no technique which relativizes can prove that secret exchange can be based on any one-way permutation. Our results present a general framework for proving statements of the form, “Cryptographic application X is not likely possible based solely on complexity assumption Y.”
symposium on the theory of computing | 1993
Mihir Bellare; Shafi Goldwasser; Carsten Lund; Alexander Russell
Efficient Probabilistically Checkable Proofs and Applications to Approximation. M. Bellare, S. Goldwasser, C. Lund, A. Russell
international cryptology conference | 1985
Manuel Blum; Shafi Goldwasser
We construct multi-prover proof systems for NP which use only a constant number of provers to simultaneously achieve low error, low randomness and low answer size. As a consequence, we obtain asymptotic improvements to approximation hardness results for a wide range of optimization problems including minimum set cover, dominating set, maximum clique, chromatic number, and quartic programming; and constant factor improvements on the hardness results for MAXSNP problems. In particular, we show that approximating minimum set cover within any constant is NP-complete; approximating minimum set cover within c log n, for c < 1/8, implies NP ⊆ DTIME(n^(log log n)); approximating the maximum of a quartic program within any constant is NP-complete; approximating maximum clique or chromatic number within n^(1/29) implies NP ⊆ BPP; and approximating MAX-3SAT within 113/112 is NP-complete.
* High Performance Computing and Communications, IBM T.J. Watson Research Center, PO Box 704, Yorktown Heights, NY 10598, USA. e-mail: mihir@watson.ibm.com.
† MIT Laboratory for Computer Science, 545 Technology Square, Cambridge, MA 02139, USA. e-mail: shafi@theory.lcs.mit.edu. Partially supported by NSF FAW grant No. 9023312-CCR, DARPA grant No. N00014-92-J-1799, and grant No. 89-00312 from the United States Israel Binational Science Foundation (BSF), Jerusalem, Israel.