Table of Contents

Leakage

Circular and Leakage Resilient Public-Key Encryption under Subgroup Indistinguishability (or: Quadratic Residuosity Strikes Back) Zvika Brakerski Shafi Goldwasser 1

Leakage-Resilient Pseudorandom Functions and Side-Channel Attacks on Feistel Networks Yevgeniy Dodis Krzysztof Pietrzak 21

Protecting Cryptographic Keys against Continual Leakage Ali Juma Yevgeniy Vahlis 41

Securing Computation against Continuous Leakage Shafi Goldwasser Guy N. Rothblum 59

Lattice

An Efficient and Parallel Gaussian Sampler for Lattices Chris Peikert 80

Lattice Basis Delegation in Fixed Dimension and Shorter-Ciphertext Hierarchical IBE Shweta Agrawal Dan Boneh Xavier Boyen 98

Homomorphic Encryption

Toward Basing Fully Homomorphic Encryption on Worst-Case Hardness Craig Gentry 116

Additively Homomorphic Encryption with d-Operand Multiplications Carlos Aguilar Melchor Philippe Gaborit Javier Herranz 138

i-Hop Homomorphic Encryption and Rerandomizable Yao Circuits Craig Gentry Shai Halevi Vinod Vaikuntanathan 155

Theory and Applications

Interactive Locking, Zero-Knowledge PCPs, and Unconditional Cryptography Vipul Goyal Yuval Ishai Mohammad Mahmoody Amit Sahai 173

Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption Tatsuaki Okamoto Katsuyuki Takashima 191

Structure-Preserving Signatures and Commitments to Group Elements Masayuki Abe Georg Fuchsbauer Jens Groth Kristiyan Haralambiev Miyako Ohkubo 209

Efficient Indifferentiable Hashing into Ordinary Elliptic Curves Eric Brier Jean-Sébastien Coron Thomas Icart David Madore Hugues Randriam Mehdi Tibouchi 237

Key Exchange, OAEP/RSA, CCA

Credential Authenticated Identification and Key Exchange Jan Camenisch Nathalie Casati Thomas Gross Victor Shoup 255

Password-Authenticated Session-Key Generation on the Internet in the Plain Model Vipul Goyal Abhishek Jain Rafail Ostrovsky 277

Instantiability of RSA-OAEP under Chosen-Plaintext Attack Eike Kiltz Adam O'Neill Adam Smith 295

Efficient Chosen-Ciphertext Security via Extractable Hash Proofs Hoeteck Wee 314

Attacks

Factorization of a 768-Bit RSA Modulus Thorsten Kleinjung Kazumaro Aoki Jens Franke Arjen K. Lenstra Emmanuel Thomé Joppe W. Bos Pierrick Gaudry Alexander Kruppa Peter L. Montgomery Dag Arne Osuik Herman te Riele Andrey Timofeev Paul Zimmermann 333

Correcting Errors in RSA Private Keys Wilko Henecka Alexander May Alexander Meurer 351

Improved Differential Attacks for ECHO and Grøstl Thomas Peyrin 370

A Practical-Time Related-Key Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony Orr Dunkelman Nathan Keller Adi Shamir 393

Composition

Universally Composable Incoercibility Dominque Unruh Jörn Müller-Quade 411

Concurrent Non-Malleable Zero Knowledge Proofs Huijia Lin Rafael Pass Wei-Lung Dustin Tseng Muthuramakrishnan Venkitasubramaniam 429

Equivalence of Uniform Key Agreement and Composition Insecurity Chongwon Cho Chen-Kuei Lee Rafail Ostrovsky 447

Computation Delegation and Obfuscation

Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers Rosario Gennaro Craig Gentry Bryan Parno 465

Improved Delegation of Computation Using Fully Homomorphic Encryption Kai-Min Chung Yael Kalai Salil Vadhan 483

Oblivious RAM Revisited Benny Pinkas Tzachy Reinman 502

On Strong Simulation and Composable Point Obfuscation Nir Bitansky Ran Canetti 520

Multiparty Computation

Protocols for Multiparty Coin Toss with Dishonest Majority Amos Beimel Eran Omri Ilan Orlov 538

Multiparty Computation for Dishonest Majority: From Passive to Active Security at Low Cost Ivan Damgård Claudio Orlandi 558

Secure Multiparty Computation with Minimal Interaction Yuval Ishai Eyal Kushilevitz Anat Paskin-Cherniavsky 577

A Zero-One Law for Cryptographic Complexity with Respect to Computational UC Security Hemanta K. Maji Manoj Prabhakaran Mike Rosulek 595

Pseudorandomness

On Generalized Feistel Networks Viet Tung Hoang Phillip Rogaway 613

Cryptographic Extraction and Key Derivation: The HKDF Scheme Hugo Krawczyk 631

Time Space Tradeoffs for Attacks against One-Way Functions and PRGs Anindya De Luca Trevisan Madhur Tulsiani 649

Pseudorandom Functions and Permutations Provably Secure against Related-Key Attacks Mihir Bellare David Cash 666

Quantum

Secure Two-Party Quantum Evaluation of Unitaries against Specious Adversaries Frédéric Dupuis Jesper Buus Nielsen Louis Salvail 685

On the Efficiency of Classical and Quantum Oblivious Transfer Reductions Severin Winkler Jürg Wullschleger 707

Sampling in a Quantum Population, and Applications Niek J. Bouman Serge Fehr 724

Author Index 743