Advances in cryptology - CRYPTO 2001 : 21st Annual International Cryptology Conference, Santa Barbara, California, USA, August 19-23, 2001 : proceedings

Crypto 2001, the 21st Annual Crypto conference, was sponsored by the Int- national Association for Cryptologic Research (IACR) in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy and the Computer Science Department of the University of California at Santa Barbara. The conference received 156 submissions, of which the program committee selected 34 for presentation; one was later withdrawn. These proceedings contain the revised versions of the 33 submissions that were presented at the conference. These revisions have not been checked for correctness, and the authors bear full responsibility for the contents of their papers. The conference program included two invited lectures. Mark Sherwin spoke on, \Quantum information processing in semiconductors: an experimentalist's view." Daniel Weitzner spoke on, \Privacy, Authentication & Identity: A recent history of cryptographic struggles for freedom." The conference program also included its perennial \rump session," chaired by Stuart Haber, featuring short, informal talks on late{breaking research news. As I try to account for the hours of my life that ?ew o to oblivion, I realize that most of my time was spent cajoling talented innocents into spending even more time on my behalf. I have accumulated more debts than I can ever hope to repay. As mere statements of thanks are certainly insu cient, consider the rest of this preface my version of Chapter 11.

Foundations.- On the (Im)possibility of Obfuscating Programs.- Universally Composable Commitments.- Traitor Tracing.- Revocation and Tracing Schemes for Stateless Receivers.- Self Protecting Pirates and Black-Box Traitor Tracing.- Multi-party Computation.- Minimal Complete Primitives for Secure Multi-party Computation.- Robustness for Free in Unconditional Multi-party Computation.- Secure Distributed Linear Algebra in a Constant Number of Rounds.- Two-Party Computation.- Two-Party Generation of DSA Signatures.- Oblivious Transfer in the Bounded Storage Model.- Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation.- Elliptic Curves.- Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms.- On the Unpredictability of Bits of the Elliptic Curve Diffie-Hellman Scheme.- Identity-Based Encryption from the Weil Pairing.- OAEP.- A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0.- OAEP Reconsidered.- RSA-OAEP Is Secure under the RSA Assumption.- Simplified OAEP for the RSA and Rabin Functions.- Encryption and Authentication.- Online Ciphers and the Hash-CBC Construction.- The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?).- Signature Schemes.- Forward-Secure Signatures with Optimal Signing and Verifying.- Improved Online/Offline Signature Schemes.- Protocols.- An Efficient Scheme for Proving a Shuffle.- An Identity Escrow Scheme with Appointed Verifiers.- Session-Key Generation Using Human Passwords Only.- Cryptanalysis.- Cryptanalysis of RSA Signatures with Fixed-Pattern Padding.- Correlation Analysis of the Shrinking Generator.- Applications of Groups and Codes.- Nonlinear Vector Resilient Functions.- New Public Key Cryptosystem Using Finite Non Abelian Groups.- Pseudorandomness from Braid Groups.- Broadcast and Secret Sharing.- On the Cost of Reconstructing a Secret, or VSS with Optimal Reconstruction Phase.- Secure and Efficient Asynchronous Broadcast Protocols.- Soundness and Zero-Knowledge.- Soundness in the Public-Key Model.- Robust Non-interactive Zero Knowledge.