Books

1. "Decision and Game Theory for Security (GameSec) 2011" (edited volume), with J. Baras and E. Altman
   LNCS vol. 7037, Springer, 2011
   
   
2. "Digital Signatures"
   Springer, 2010
   
   
3. "Solutions Manual for 'Introduction to Modern Cryptography'," with Y. Lindell
   CRC Press, 2009
   
   
4. "Introduction to Modern Cryptography," with Y. Lindell
   CRC Press, 2007
   
   
5. "Applied Cryptography and Network Security (ACNS) 2007" (edited volume), with M. Yung
   LNCS vol. 4521, Springer, 2007

Book chapters

1. "Cryptography"
   In Computing Handbook Set -- Computer Science, T. Gonzalez, ed., CRC Press, 2013 (to appear).
   
   
2. "Public-Key Cryptography"
   In Handbook of Information and Communication Security, P. Stavroulakis and M. Stamp, eds., Springer, 2010.
   
   
3. "Cryptography"
   In Wiley Encyclopedia of Computer Science and Engineering, B.W. Wah, ed., John Wiley & Sons, Inc., 2008.
   
   
4. "Symmetric-Key Encryption"
   In Handbook of Information Security, H. Bidgoli, ed., John Wiley & Sons, Inc., 2005.
   
   
5. "Cryptography"
   In Computer Science Handbook, 2nd edition, A. Tucker, ed., CRC Press, 2004.

Journal articles

Published/Awaiting Publication

1. "Aggregate Message Authentication Codes," with Yehuda Lindell
   IET Information Security, to appear.
   
   
2. "Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products," with Amit Sahai and Brent Waters
   Journal of Cryptology, to appear. (One of 4 papers from Eurocrypt 2008 invited to the Journal of Cryptology.)
   The full version is available. Note: this version differs slightly from what will be published.
   
   
3. "Two-Server Password-Only Authenticated Key Exchange," with Phil MacKenzie, Gelareh Taban, and Virgil Gligor
   Journal of Computer and System Sciences 78(2): 651--669, 2012.
   The full version is available.
   
   
4. "Which Languages Have 4-Round Zero-Knowledge Proofs?"
   Journal of Cryptology 25(1): 41-56, 2012. (One of 3 papers from TCC 2008 invited to the Journal of Cryptology.)
   The full version is available. Note: this version differs slightly from what was published.
   
   
5. "Partial Fairness in Secure Two-Party Computation," with Dov Gordon
   Journal of Cryptology 25(1): 14-40, 2012.
   The full version is available. Note: this version differs slightly from what was published.
   
   
6. "Complete Fairness in Secure Two-Party Computation," with S. Dov Gordon, Carmit Hazay, and Yehuda Lindell
   Journal of the ACM 58(6): 1-36, 2011.
   The extended full version is available.
   
   
7. "On Achieving the 'Best of Both Worlds' in Secure Multiparty Computation," with Yuval Ishai, Eyal Kushilevitz, Yehuda Lindell, and Erez Petrank
   SIAM J. Computing 40(1): 122-141, 2011.
   The full version is available.
   
   
8. "Parallel and Concurrent Security of the HB and HB+ Protocols," with Ji-Sun Shin and Adam Smith
   Journal of Cryptology 23(3): 402-421, 2010.
   The full version is available.
   
   
9. "Bounds on the Efficiency of 'Black-Box' Commitment Schemes," with Omer Horvitz
   Theoretical Computer Science 411(10): 1251-1260, 2010.
   The full version is available.
   
   
10. "Efficient and Secure Authenticated Key Exchange Using Weak Passwords," with Rafail Ostrovsky and Moti Yung
    Journal of the ACM 57(1): 78-116, 2009.
    The full version is available. Note: this version differs slightly from what was published.
    
    
11. "Improving the Round Complexity of VSS in Point-to-Point Networks," with Chiu-Yuen Koo and Ranjit Kumaresan
    Information & Computation 207(8): 889-899, 2009.
    The full version is available.
    
    
12. "Reducing Complexity Assumptions for Statistically-Hiding Commitment," with Iftach Haitner, Omer Horvitz, Chiu-Yuen Koo, Ruggero Morselli, and Ronen Shaltiel
    Journal of Cryptology 22(3): 283-310, 2009.
    The full version is available. Note: this version differs slightly from what was published (most notably in Section 4).
    
    
13. "Ring Signatures: Stronger Definitions, and Constructions without Random Oracles," with Adam Bender and Ruggero Morselli
    Journal of Cryptology 22(1): 114-138, 2009.
    The full version is available.
    
    
14. "On Expected Constant-Round Protocols for Byzantine Agreement," with Chiu-Yuen Koo
    Journal of Computer and System Sciences 75(2): 91-112, 2009.
    The full version is available.
    
    
15. "Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs," with Yehuda Lindell
    Journal of Cryptology 21(3): 303-349, 2008.
    The full version is available.
    
    
16. "Efficient Signature Schemes with Tight Security Reductions to the Diffie-Hellman Problems," with Eu-Jin Goh, Stanislaw Jarecki, and Nan Wang
    Journal of Cryptology 20(4): 493-514, 2007.
    The full version is available.
    
    
17. "A Forward-Secure Public-Key Encryption Scheme," with Ran Canetti and Shai Halevi
    Journal of Cryptology 20(3): 265-294, 2007.
    The full version is available.
    
    
18. "Scalable Protocols for Authenticated Group Key Exchange," with Moti Yung
    Journal of Cryptology 20(1): 85-113, 2007.
    The full version is available.
    
    
19. "Chosen-Ciphertext Security From Identity-Based Encryption," with Dan Boneh, Ran Canetti, and Shai Halevi
    SIAM Journal on Computing 36(5): 1301-1328, 2007.
    The full version is available.
    
    
20. "Characterization of Security Notions for Probabilistic Private-Key Encryption," with Moti Yung
    Journal of Cryptology 19(1): 67-96, 2006.
    The full version is available.
    
    
21. "A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks," with Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney, and Aram Khalili
    ACM Transactions on Information and System Security 8(2): 228-258, 2005.
    The full version is available.
    
    
22. "Bounds on the Efficiency of Generic Cryptographic Constructions," with Rosario Gennaro, Yael Gertner, and Luca Trevisan
    SIAM Journal on Computing 35(1): 217-246, 2005.
    The full version is available.

In Preparation

1. "Round-Optimal Password-Based Authenticated Key Exchange," with Vinod Vaikuntanathan
   One of 3 papers from TCC 2011 invited to the Journal of Cryptology. A preliminary full version is available.
   
   
2. "Robust Fuzzy Extractors and Authenticated Key Agreement from Close Secrets," with Yevgeniy Dodis, Bhavana Kanakurthi, Leo Reyzin, and Adam Smith
   In submission. A preliminary full version is available.
   
   
3. "Authenticated Broadcast with a Partially Compromised Public-Key Infrastructure," with S. Dov Gordon, Ranjit Kumaresan, and Arkady Yerukhimovich
   Invited to a special issue of Information & Computation. A preliminary full version is available.
   
   
4. "On Constructing Universal One-Way Hash Functions from Arbitrary One-Way Functions," with Chiu-Yuen Koo
   Accepted to Journal of Cryptology (pending revisions). A preliminary full version is available.

Articles in refereed conferences and workshops

1. "Strengthening Semi-Honest Protocols with Dual Execution," with Yan Huang and David Evans
   IEEE Symposium on Security & Privacy (Oakland) 2012.
   
   
2. "Fair Computation with Rational Players," with Adam Groce
   Eurocrypt 2012
   
   
3. "On the Security of the 'Free-XOR' Technique," with Seung Geol Choi, Ranjit Kumaresan, and Hong-Sheng Zhou
   9th Theory of Cryptography Conference (TCC) 2012
   
   
4. "Secure Multi-Party Computation of Boolean Circuits with Applications to Privacy in On-Line Marketplaces," with Seung Geol Choi, Kyung-Wook Hwang, Tal Malkin, and Dan Rubenstein
   RSA 2012 --- Cryptographers' Track
   The code is available here.
   
   
5. "Private Set Intersection: Are Garbled Circuits Better than Custom Protocols?" with Yan Huang and David Evans
   Network and Distributed System Security Conference (NDSS) 2012.
   The proceedings version is available.
   The code is available here.
   
   
6. "Efficient Secure Computation with Garbled Circuits," with Yan Huang, Chih-hao Shen, David Evans, and Abhi Shelat
   Invited paper, International Conference on Information Systems Security 2011
   
   
7. "Constant-Round Private-Function Evaluation with Linear Complexity," with Lior Malka
   Asiacrypt 2011
   
   
8. "Faster Secure Two-Party Computation Using Garbled Circuits," with Yan Huang, David Evans, and Lior Malka
   USENIX Security Symposium 2011.
   The proceedings version is available. (Note: this may not fully match the actual published version.)
   The code is available here.
   
   
9. "Adaptively Secure Broadcast, Revisited," with Juan Garay, Ranjit Kumaresan, and Hong-Sheng Zhou
   ACM Symposium on Principles of Distributed Computing (PODC) 2011.
   The proceedings version is available.
   
   
10. "Round-Optimal Password-Based Authenticated Key Exchange," with Vinod Vaikuntanathan
    8th Theory of Cryptography Conference (TCC) 2011.
    Invited to a special issue of J. Cryptology (one of 3 papers selected from TCC 2011).
    
    
11. "Limits of Computational Differential Privacy in the Client/Server Setting," with Adam Groce and Arkady Yerukhimovich
    8th Theory of Cryptography Conference (TCC) 2011.
    The proceedings version (© IACR) is available.
    
    
12. "Impossibility of Blind Signatures from One-Way Permutations," with Dominique Schröder and Arkady Yerukhimovich
    8th Theory of Cryptography Conference (TCC) 2011.
    The proceedings version (© IACR) is available.
    
    
13. "Limits on the Power of Zero-Knowledge Proofs in Cryptographic Constructions," with Zvika Brakerski, Gil Segev, and Arkady Yerukhimovich
    8th Theory of Cryptography Conference (TCC) 2011.
    The proceedings version (© IACR) is available.
    
    
14. "Efficient Privacy-Preserving Biometric Identification," with Yan Huang, Lior Malka, and David Evans
    Network and Distributed System Security Conference (NDSS) 2011.
    
    
15. "A Group Signature Scheme from Lattice Assumptions," with Dov Gordon and Vinod Vaikuntanathan
    Asiacrypt 2010
    
    
16. "Public-Key Cryptography Resilient to Continual Memory Leakage," with Zvika Brakerski, Yael Tauman Kalai, and Vinod Vaikuntanathan
    IEEE Symposium on Foundations of Computer Science (FOCS) 2010
    
    
17. "Secure Text Processing with Applications to Private DNA Matching," with Lior Malka
    ACM Conference on Computer and Communications Security 2010
    The proceedings version is available.
    
    
18. "A New Framework for Efficient Password-Based Authenticated Key Exchange," with Adam Groce
    ACM Conference on Computer and Communications Security 2010. The full version is available.
    
    
19. "Authenticated Broadcast with a Partially Compromised Public-Key Infrastructure," with S. Dov Gordon, Ranjit Kumaresan, and Arkady Yerukhimovich
    12th Intl. Symp. on Stabilization, Safety, and Security of Distributed Systems (SSS) 2010
    Invited to a special issue of Information & Computation
    
    
20. "Partial Fairness in Secure Two-Party Computation," with Dov Gordon
    Eurocrypt 2010. The full version is available.
    
    
21. "Secure Network Coding Over the Integers," with Rosario Gennaro, Hugo Krawczyk, and Tal Rabin
    Public-Key Cryptography (PKC) 2010
    
    
22. "Efficient Rational Secret Sharing in Standard Communication Networks," with Georg Fuchsbauer and David Naccache
    7th Theory of Cryptography Conference (TCC) 2010. The full version is available.
    
    
23. "Signature Schemes with Bounded Leakage Resilience," with Vinod Vaikuntanathan
    Asiacrypt 2009
    An early version is available; the proceedings version contains some additional results
    
    
24. "On Black-Box Constructions of Predicate Encryption Schemes from Trapdoor Permutations," with Arkady Yerukhimovich
    Asiacrypt 2009
    The proceedings version (© IACR) is available
    
    
25. "Smooth Projective Hashing and Password-Based Authenticated Key Exchange from Lattices," with Vinod Vaikuntanathan
    Asiacrypt 2009
    The proceedings version (© IACR) is available
    
    
26. "Proofs of Storage from Homomorphic Identification Protocols," with Giuseppe Ateniese and Seny Kamara
    Asiacrypt 2009
    The proceedings version (© IACR) is available
    
    
27. "Attacking Cryptographic Schemes Based on 'Perturbation Polynomials'," with Martin Albrecht, Craig Gentry, and Shai Halevi
    ACM Conference on Computer and Communications Security 2009
    
    
28. "Collusion-Free Multiparty Computation in the Mediated Model," with Joel Alwen, Yehuda Lindell, Giuseppe Persiano, Abhi Shelat, and Ivan Visconti
    Crypto 2009
    An early version is available (note: this is different from the proceedings version).
    
    
29. "Signing a Linear Subspace: Signatures for Network Coding," with Dan Boneh, David Freeman, and Brent Waters
    Public-Key Cryptography (PKC) 2009
    
    
30. "Composability and On-Line Deniability of Authentication," with Yevgeniy Dodis, Adam Smith, and Shabsi Walfish
    6th Theory of Cryptography Conference (TCC) 2009
    The proceedings version (© IACR) is available.
    
    
31. "Complete Fairness in Multi-Party Computation without an Honest Majority," with Dov Gordon
    6th Theory of Cryptography Conference (TCC) 2009
    
    
32. "Improving the Round Complexity of VSS in Point-to-Point Networks," with Chiu-Yuen Koo and Ranjit Kumaresan
    International Colloquium on Automata, Languages, and Programming (ICALP) 2008
    The full version is available above.
    
    
33. "Complete Fairness in Secure Two-Party Computation," with S. Dov Gordon, Carmit Hazay, and Yehuda Lindell
    ACM Symposium on Theory of Computing (STOC) 2008
    The proceedings version (© ACM) is available, and a preliminary full version is available above
    
    
34. "Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products," with Amit Sahai and Brent Waters
    Eurocrypt 2008
    Invited to a special issue of J. Cryptology (one of 4 papers selected from Eurocrypt 2008)
    The proceedings version (© IACR) is available, as is the full version
    
    
35. "How to Encrypt with a Malicious Random Number Generator," with Seny Kamara
    Fast Software Encryption (FSE) 2008
    
    
36. "Aggregate Message Authentication Codes," with Yehuda Lindell
    RSA 2008 --- Cryptographers' Track
    
    
37. "Bridging Game Theory and Cryptography: Recent Results and Future Directions"
    Invited paper, 5th Theory of Cryptography Conference (TCC) 2008
    The proceedings version (© IACR) is available. A full version is in preparation
    
    
38. "Which Languages have 4-Round Zero-Knowledge Proofs?"
    5th Theory of Cryptography Conference (TCC) 2008
    Invited to a special issue of J. Cryptology (one of 3 papers selected from TCC 2008).
    
    
39. "Universally-Composable Computation with an Unreliable Common Reference String," with Vipul Goyal
    5th Theory of Cryptography Conference (TCC) 2008
    The proceedings version (© IACR) is available
    
    
40. "Efficient Cryptographic Protocols Based on the Hardness of Learning Parity with Noise"
    Invited paper, 11th IMA International Conference on Cryptography and Coding Theory, 2007
    
    
41. "Round Complexity of Authenticated Broadcast with a Dishonest Majority," with Juan Garay, Chiu-Yuen Koo, and Rafail Ostrovsky
    IEEE Symposium on Foundations of Computer Science (FOCS) 2007
    The proceedings version is available.
    
    
42. "Universally-Composable Two-Party Computation in Two Rounds," with Omer Horvitz
    Crypto 2007
    The proceedings version (© IACR) is available.
    
    
43. "On Achieving the 'Best of Both Worlds' in Secure Multiparty Computation"
    ACM Symposium on Theory of Computing (STOC) 2007
    The full version is available above.
    
    
44. "Universally Composable Multi-Party Computation using Tamper-Proof Hardware"
    Eurocrypt 2007
    The proceedings version (© IACR) is available.
    
    
45. "Round-Efficient Secure Computation in Point-to-Point Networks," with Chiu-Yuen Koo
    Eurocrypt 2007
    The proceedings version (© IACR) is available.
    
    
46. "Concurrently-Secure Blind Signatures without Random Oracles or Setup Assumptions," with Carmit Hazay, Chiu-Yuen Koo, and Yehuda Lindell
    4th Theory of Cryptography Conference (TCC) 2007
    The proceedings version (© IACR) is available.
    
    
47. "Exploiting Approximate Transitivity of Trust," with Ruggero Morselli, Bobby Bhattacharjee, and Michael Marsh
    Invited paper, BroadNets 2007
    
    
48. "Rational Secret Sharing, Revisited," with S. Dov Gordon
    Security and Cryptography for Networks 2006
    (An extended abstract of this work was also accepted for presentation at NetEcon 2006)
    
    
49. "Robust Fuzzy Extractors and Authenticated Key Agreement From Close Secrets," with Yevgeniy Dodis, Leo Reyzin, and Adam Smith
    Crypto 2006
    This paper is superseded by the preliminary full version available above.
    
    
50. "On Expected Constant-Round Protocols for Byzantine Agreement," with Chiu-Yuen Koo
    Crypto 2006
    The full version is available above. An older version is available from the eprint archives.
    
    
51. "Reliable Broadcast in Radio Networks: The Bounded Collision Case," with Chiu-Yuen Koo, Vartika Bhandari, and Nitin Vaidya
    PODC 2006
    
    
52. "Parallel and Concurrent Security of the HB and HB+ Protocols," with Ji Sun Shin
    Eurocrypt 2006
    The full version is available.
    This work is superseded by the journal version "Parallel and Concurrent Security of the HB and HB+ Protocols," with Ji-Sun Shin and Adam Smith, available above.
    
    
53. "Ring Signatures: Stronger Definitions, and Constructions without Random Oracles," with Adam Bender and Ruggero Morselli
    3rd Theory of Cryptography Conference (TCC) 2006
    A version available on eprint is an extended version of what appeared in the proceedings. The full version is available above.
    
    
54. "Modeling Insider Attacks on Group Key-Exchange Protocols," with Ji Sun Shin
    ACM Conference on Computer and Communications Security 2005
    The full version and the presentation given at the conference are available.
    
    
55. "Lower Bounds on the Efficiency of 'Black-Box' Commitment Schemes," with Omer Horvitz
    International Colloquium on Automata, Languages, and Programming (ICALP) 2005
    Invited to a special issue of Theoretical Computer Science
    The proceedings version (© Springer-Verlag) is available. A preliminary full version is available above.
    
    
56. "Two-Server Password-Only Authenticated Key Exchange," with Phil MacKenzie, Gelareh Taban, and Virgil Gligor
    Applied Cryptography and Network Security (ACNS) 2005
    The proceedings version (© Springer-Verlag) is available, and a preliminary full version is available above.
    
    
57. "Universally Composable Password-Based Key Exchange," with Ran Canetti, Shai Halevi, Yehuda Lindell, and Phil MacKenzie
    Eurocrypt 2005
    The proceedings version (© IACR) and a preliminary full version are available.
    
    
58. "Secure Remote Authentication Using Biometric Data," with Xavier Boyen, Yevgeniy Dodis, Rafail Ostrovsky, and Adam Smith
    Eurocrypt 2005
    A revised version is available. (Note: this is essentially the same as the proceedings version, except that some mistakes have been fixed.)
    
    
59. "Reducing Complexity Assumptions for Statistically-Hiding Commitment," with Iftach Haitner, Omer Horvitz, Chiu-Yuen Koo, Ruggero Morselli, and Ronen Shaltiel
    Eurocrypt 2005
    The proceedings version (© IACR) is available, and the full version is available above. An earlier version of the paper is also available.
    
    
60. "Adaptively-Secure, Non-Interactive Public-Key Encryption," with Ran Canetti and Shai Halevi
    2nd Theory of Cryptography Conference (TCC) 2005
    The proceedings version (© IACR) and the full version are available.
    
    
61. "Chosen Ciphertext Security of Multiple Encryption," with Yevgeniy Dodis
    2nd Theory of Cryptography Conference (TCC) 2005
    The proceedings version (© IACR) is available
    
    
62. "Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs," with Yehuda Lindell
    2nd Theory of Cryptography Conference (TCC) 2005
    The proceedings version (© IACR) is available, and the full version is available above.
    
    
63. "Improved Efficiency for CCA-Secure Cryptosystems Built Using IBE," with Dan Boneh
    RSA 2005 --- Cryptographers' Track
    The proceedings version (© Springer-Verlag) is available. The full version is available above.
    
    
64. "Identity-Based Zero Knowledge," with Rafail Ostrovsky and Michael Rabin
    Security in Communication Networks, 2004
    
    
65. "Round-Optimal Secure Two-Party Computation," with Rafail Ostrovsky
    Crypto 2004
    The proceedings version (© IACR) is available.
    
    
66. "A Game-Theoretic Framework for Analyzing Trust-Inference Protocols," with Ruggero Morselli and Bobby Bhattacharjee
    Second Workshop on the Economics of Peer-to-Peer Systems, 2004
    A preliminary manuscript is available, as well as the presentation that was given at the P2Pecon workshop. A full(er) version of the paper is available on request.
    
    
67. "One-Round Protocols for Two-Party Authenticated Key Exchange," with Ik Rae Jeong and Dong Hoon Lee
    Applied Cryptography and Network Security (ACNS) 2004
    A full version is available (this version corrects some minor errors in the prceedings version).
    
    
68. "Chosen-Ciphertext Security From Identity-Based Encryption," with Ran Canetti and Shai Halevi
    Eurocrypt 2004
    An early version is available at the eprint archives. The proceedings version (© IACR) is also available, and the full version is available above.
    
    
69. "Trust Preserving Set Operations," with Ruggero Morselli, Bobby Bhattacharjee, and Pete Keleher
    IEEE Infocom 2004
    
    
70. "A Generic Construction for Intrusion-Resilient Public-Key Encryption," with Yevgeniy Dodis, Matt Franklin, Atsuko Miyaji, and Moti Yung
    RSA 2004 --- Cryptographers' Track.
    
    
71. "Binary Tree Encryption: Constructions and Applications"
    Invited paper, ICISC 2003
    The proceedings version (© Springer-Verlag) is available.
    
    
72. "Efficiency Improvements for Signature Schemes with Tight Security Reductions," with Nan Wang
    ACM Conference on Computer and Communications Security 2003
    The proceedings version (© ACM) is available (note: this version is slightly updated from what actually appears in the proceedings).
    The full version (which does not contain all the results in the proceedings version) is available above as "Efficient Signature Schemes with Tight Security Reductions to the Diffie-Hellman Problems".
    
    
73. "Scalable Protocols for Authenticated Group Key Exchange," with Moti Yung
    Crypto 2003
    The proceedings version (© IACR) is available, and the full version is available above.
    
    
74. "Lower Bounds on the Efficiency of Encryption and Digital Signature Schemes," with Rosario Gennaro and Yael Gertner
    ACM Symposium on Theory of Computing (STOC) 2003
    The proceedings version (© ACM) is available, and the full version is available above as "Bounds on the Efficiency of Generic Cryptographic Constructions".
    
    
75. "Round Efficiency of Multi-Party Computation with a Dishonest Majority," with Rafail Ostrovsky and Adam Smith
    Eurocrypt 2003
    The proceedings version (© IACR) and an extended version are available.
    
    
76. "A Forward-Secure Public-Key Encryption Scheme," with Ran Canetti and Shai Halevi
    Eurocrypt 2003
    The proceedings version (© IACR) is available, and the full version is available above. Older versions of the paper are available here and here.
    
    
77. "Efficient and Non-Malleable Proofs of Plaintext Knowledge and Applications"
    Eurocrypt 2003
    The proceedings version (© IACR) is available. A slightly extended (but older) version is available at the eprint archives.
    
    
78. "Intrusion-Resilient Public-Key Encryption," with Yevgeniy Dodis, Matt Franklin, Atsuko Miyaji, and Moti Yung
    RSA 2003 --- Cryptographers' Track
    
    
79. "Toward Secure Key Distribution in Truly Ad-Hoc Networks," with Aram Khalili and William Arbaugh
    IEEE Workshop on Security and Assurance in Ad-Hoc Networks 2003
    
    
80. "Strong Key-Insulated Signature Schemes," with Yevgeniy Dodis, Shouhuai Xu, and Moti Yung
    Public-Key Cryptography (PKC) 2003
    
    
81. "Forward Secrecy in Password-Only Key Exchange Protocols," with Rafail Ostrovsky and Moti Yung
    Security in Communication Networks 2002
    A preliminary full version is available as "Efficient and Secure Authenticated Key Exchange Using Weak Passwords," above.
    
    
82. "Threshold Cryptosystems Based on Factoring," with Moti Yung
    Asiacrypt 2002
    
    
83. "Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG," with Kahil Jallad, Jena Lee, and Bruce Schneier
    Information Security Conference 2002
    
    
84. "Key-Insulated Public-Key Cryptosystems," with Yevgeniy Dodis, Shouhuai Xu, and Moti Yung
    Eurocrypt 2002
    
    
85. "Incremental and Unforgeable Encryption," with Enrico Buonanno and Moti Yung
    Fast Software Encryption 2001
    
    
86. "Efficient Password-Authenticated Key Exchange Using Human-Memorizable Passwords," with Rafail Ostrovsky and Moti Yung
    Eurocrypt 2001
    A preliminary full version is available as "Efficient and Secure Authenticated Key Exchange Using Weak Passwords," above.
    An older version is available at the eprint archives.
    
    
87. "Efficient and Non-Interactive, Non-Malleable Commitment," with Giovanni Di Crescenzo, Rafail Ostrovsky, and Adam Smith
    Eurocrypt 2001
    
    
88. "Cryptographic Counters and Applications to Electronic Voting," with Rafail Ostrovsky and Steven Myers
    Eurocrypt 2001
    
    
89. "A Chosen-Ciphertext Attack against Several E-mail Encryption Protocols," with Bruce Schneier
    USENIX Security Symposium 2000
    
    
90. "Unforgeable Encryption and Chosen-Ciphertext-Secure Modes of Operation," with Moti Yung
    Fast Software Encryption 2000
    
    
91. "Complete Characterization of Security Notions for Probabilistic, Private-Key Encryption," with Moti Yung
    ACM Symposium on Theory of Computing (STOC) 2000
    The full version is available above.
    
    
92. "On the Efficiency of Local Decoding Procedures for Error-Correcting Codes," with Luca Trevisan
    ACM Symposium on Theory of Computing (STOC) 2000

Manuscripts

Current:

1. "(Efficient) Universally Composable Two-Party Computation Using a Minimal Number of Stateless Tokens," with Seung Geol Choi, Dominique Schröder, Arkady Yerukhimovich, and Hong-Sheng Zhou
2. "Secure Computation with Sublinear Amortized Work," with Dov Gordon, Vlad Kolesnikov, Tal Malkin, Mariana Raykova, and Yevgeniy Vahlis. Accepted as a short paper to the Workshop on Cryptography and Security in Clouds, 2011.
3. "Collusion-Preserving Computation," with Joel Alwen, Ueli Maurer, and Vassilis Zikas
4. "Universally Composable Synchronous Computation," with Ueli Maurer, Bjorn Tackmann, and Vassilis Zikas

Old:

1. "VMCrypt --- Modular Software Architecture for Scalable Secure Computation," with Lior Malka.
   Revised version accepted to ACM Conference on Computer and Communications Security 2011.
2. "Compact Signatures for Network Coding," with Brent Waters
   This work is superseded by the paper available above: "Signing a Linear Subspace: Signatures for Network Coding," with Dan Boneh, David Freeman, and Brent Waters
3. "Analyzing the HB and HB+ Protocols in the 'Large Error' Case," with Adam Smith
   This work is superseded by the paper available above: "Parallel and Concurrent Security of the HB and HB+ Protocols," with Ji-Sun Shin and Adam Smith.
4. "KeyChains: A Decentralized Public-Key Infrastructure," with Ruggero Morselli, Bobby Bhattacharjee, and Mike Marsh
   Technical Report CS-TR-4788, Department of Computer Science, University of Maryland, 2006. Also filed as UMIACS-2006-12. The results here are described in the paper: "Exploiting Approximate Transitivity of Trust," with Ruggero Morselli, Bobby Bhattacharjee, and Michael Marsh

PhD thesis

• "Efficient and Non-Interactive, Non-Malleable Commitment"
• "Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords"
• "Forward Secrecy in Password-Only Key-Exchange Protocols"
• "Efficient and Non-Malleable Proofs of Plaintext Knowledge and Applications"