- May 2024
-
eurocrypt.iacr.org eurocrypt.iacr.org
-
Efficient and Generic Methods to Achieve Active Security in Private Information Retrieval and More Advanced Database Search
-
Probabilistically Checkable Arguments for all NP
-
AprèsSQI: Extra Fast Verification for SQIsign Using Extension-Field Signing
-
Trapdoor Memory-Hard Functions
-
- Apr 2024
-
www.sigsac.org www.sigsac.org
-
credentials from various issuers. Another vital property is issuer hiding, ensuring that the issuer's identity remains concealed, revealing only compliance with the verifier's policy. This prevents unique identification based on the sole combination of credential issuers. To date, there exists no AC scheme satisfying both
jfjfm
-
Formal Analysis of Access Control Mechanism of 5G Core Network
-
- Feb 2024
-
eprint.iacr.org eprint.iacr.org046.pdf7
-
rrespective of any auxiliary input
嗯
-
auxiliary input is implicit in the definitionsince computational indistinguishability with respect to non-uniform adversaries is required.
啥
-
randomized functionality f (x, y)
Randomized
-
≡
Computationally indistinguishable
-
plaintext length
X^n
-
auxiliary information
h
-
Formally,every party considered has a security parameter tape upon which the value 1 n is written.
不懂
-
-
-
The implementation of ByzzFuzz requires
拦截信息,运行算法,然后决定对该信息修改并deliver(丢弃)
-
small-scope message mutations
idk what's this
-
-
-
synchronous reactive programming language and frameworkfor designing, testing, and verifying distributed algorithms
synchronous
-
-
file.notion.so file.notion.so
-
store
store(v2, h, v1)σ that certifies that a block with hash value h initially proposed in view v1 was “stored” in view v2
-
- Dec 2023
-
arxiv.org arxiv.org
-
If a correct replica executes an operation op in aview v, no correct replica will change to a new view withoutexecuting o
?
-
- Nov 2023
-
link.springer.com link.springer.com
-
ch we sketch here. Giv
看不懂
-
-
arxiv.org arxiv.org
-
not ensure that all correct replicas execute all operationsin the same orde
Not clear to me
-
show operationseventually complete
"Eventually"
-
Even state transfer cannot help the affected client for a
summary: 1. checkpoint may not happen 2. happened by still can not answer (not clear to me) 3. happening unfrequently makes latency
-
the clientcannot accept a reply with less than 2f +1 matching responses
This is my previous understanding.
-
operation (say, an update) is consideredcommitted and ready for execution when it is confirmed
I think there is an extra round. committed -> gather a quorum -> excute _> when gathered enough, respond client for yes, otherwise no.
-
-
file.notion.so file.notion.so
-
wait for 2f + 1 matching replies
Why 2f+1 instead of f+1
-
n − 2f = f + 1 correct replicas execute every request and that
Not clear to me
-
-
-
t all committed operations will be committed at f + 1
Not clear to me
-
- Oct 2023
-
eprint.iacr.org eprint.iacr.org216.pdf1
-
the dealer can either use anon-interactive zero-knowledge (NIZK) proof constructed using the Fiat-Shamirheuristic as in [Sch99] (resulting in a construction in the ROM under the DDHassumption) or have the parties do pairing based checks as in [HV09] (resultingin a construction in the plain model under the DBS assumption)
ROM + DDH vs DBS
-
- Sep 2023
-
arxiv.org arxiv.org
-
orth a notion called reliable broad-casted seeding (Seeding) and construct it from aggregatable PVSS
It's the same as ittai's
-
- Jul 2023
-
decentralizedthoughts.github.io decentralizedthoughts.github.io
-
That lower bound turned out to be very robust
Yes, see that post.
-
-
decentralizedthoughts.github.io decentralizedthoughts.github.io
-
World 3:
本质上应该是equivocation byzatine对诚实的两方做equivocation使得诚实两方决定不一致的结果。
-
-
www.cs.yale.edu www.cs.yale.edu
-
main proof technique is to construct an invariant.
Same as the idea in Ivy
-
- May 2023
-
arxiv.org arxiv.org
-
beingefficiently realizable in the secure setting
还是使用norm bounds(即输入验证Input Validation),但是需要高效实现
-
nforce constraints such asL2 and L∞ bounds on high-dimensional encrypted modelupdates
什么意思
-
general-purpose secure computation techniques (e.g.,generic MPC
已有的工作要使用通用MPC,开销大
-
These have beenstudied to a lesser extent, and we address this gap in thispape
第一类攻击影响可用性 第二类在模型植入后门 本文关注于第二类
-
one can reconstructsensitive data from clients’ local datase
FL也可能根据观察梯度,重构数据
-
-
arxiv.org arxiv.org
-
tant, i.e., 2, whereas the Maxpool protocols in Falcon [12],SecureNN [11], and CryptFlow [17] require 104, 72, and
差别这么大?! QWQ
-
. Existing works inthe literature mostly fall into two categorie
maxpool的协议,通信也是瓶颈
-
. Intuitively, communication is the bottleneckfor all four comparison methods
四种mpc-cmp协议通信都有bottleneck
-
. Currently, MPC-based compar-ison (CMP) protocols could be categorized into four typ
基于mpc的比较协议
-
pically outsource sensitive data to cloudML services.
通常将敏感数据外包给云端的机器学习服务。
PPML 结合ML和MPC保护隐私
-
This would be exacerbated in com-mercial deployment settin
sota,CryptGPU,表现不好
-
-
-
휎표푟 -sentences that holdover the integers is undecidable
相比real的是decidable
-
While all axiomatizable theories of non-linear arithmetic are incomplete,LIRR is weak by design (relative to say Peano arithmetic), trading power for tractable automatedreasoning:
本文提出的LIRR (ring),相比,nonlinear arithmetic
-
reports “we foundZ3’s theory of nonlinear arithmetic to be slow and unstable;
Z3 求解非线性运算很慢且不稳定
-
-
dl.acm.org dl.acm.org
-
This paper proves the following main results
如下是witnessable
-
transforming the proofs of undecidability to witnessfunctions.
什么是intensional 和extensional
-
we analyze the “computable approximability” of different problems and providescomputable imprecision witnesses for decidable approximations of certain undecidable problems.
本工作
-
there exist computable functions that take as input the implementation (source code) of adecidable approximation and output a witness on which the approximation is imprecise.
存在一个可计算函数,用于计算一个可判定近似器的不精确性(witness)
-
- Apr 2023
-
blog.chain.link blog.chain.link
-
UDQ-unique
收到2/3消息是b,则半数以上好节点是b
比如10个节点的边界情况: 好:4b, 3b' 坏 <= 3b' 因此b'不可能过2/3。只有b可以
注意好节点的消息一定会收到(7条)
4.10 update: R是一个round收到的所以消息,同步网络下,至少由2/3条消息(诚实节点一定会发出)。那么,如果这R些消息中,2/3是b,R中的1/3一定存在b,不想说了看图: 【n】 [ 2/3R | 1/3R] honest 【[ b | b' ] 】
【[ b | b' ]】剩下的1/3b'即使全是honest,没有一半的总honest。
-