{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,15]],"date-time":"2026-01-15T23:30:42Z","timestamp":1768519842657,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":44,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540414049","type":"print"},{"value":"9783540444480","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2000]]},"DOI":"10.1007\/3-540-44448-3_13","type":"book-chapter","created":{"date-parts":[[2007,6,9]],"date-time":"2007-06-09T04:22:44Z","timestamp":1181362964000},"page":"162-177","source":"Crossref","is-referenced-by-count":138,"title":["Mix and Match: Secure Function Evaluation via Ciphertexts"],"prefix":"10.1007","author":[{"given":"Markus","family":"Jakobsson","sequence":"first","affiliation":[]},{"given":"Ari","family":"Juels","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2000,10,27]]},"reference":[{"key":"13_CR1","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"437","DOI":"10.1007\/BFb0054144","volume-title":"EUROCRYPT\u2019 98","author":"M. Abe","year":"1998","unstructured":"M. Abe. Universally verifiable mix-net with verification work independent of the number of mix-servers. In K. Nyberg, ed., EUROCRYPT\u2019 98, pages 437\u2013447. Springer-Verlag, 1998. LNCS no. 1403."},{"key":"13_CR2","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"258","DOI":"10.1007\/978-3-540-48000-6_21","volume-title":"ASIACRYPT\u2019 99","author":"M. Abe","year":"1999","unstructured":"M. Abe. A mix-network on permutation networks. In K.Y. Lam, C. Xing, and E. Okamoto, eds., ASIACRYPT\u2019 99, pages 258\u2013273, 1999. LNCS no. 1716."},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In ACM CCS\u2019 93, pages 62\u201373. ACM, 1993.","DOI":"10.1145\/168588.168596"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"M. Ben-Or, S. Goldwasser, and A. Wigderson. Completeness theorems for noncryptographic fault-tolerant distributed computations. In STOC\u2019 88, pages 1\u201310. ACM, 1988.","DOI":"10.1145\/62212.62213"},{"key":"13_CR5","doi-asserted-by":"crossref","unstructured":"C. Cachin. Efficient private bidding and auctions with an oblivious third party. In G. Tsudik, ed., ACM CCS\u2019 99, pages 120\u2013127. ACM, 1999.","DOI":"10.1145\/319709.319726"},{"key":"13_CR6","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1007\/3-540-48910-X_8","volume-title":"EUROCRYPT\u2019 99","author":"J. Camenisch","year":"1999","unstructured":"J. Camenisch and M. Michels. Proving that a number is the product of two safe primes. In J. Stern, ed., EUROCRYPT\u2019 99, pages 107\u2013122. Springer-Verlag, 1999. LNCS no. 1592."},{"issue":"1","key":"13_CR7","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/s001459910006","volume":"13","author":"R. Canetti","year":"2000","unstructured":"R. Canetti. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 13(1):143\u2013202, 2000.","journal-title":"Journal of Cryptology"},{"key":"13_CR8","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"98","DOI":"10.1007\/3-540-48405-1_7","volume-title":"CRYPTO\u2019 99","author":"R. Canetti","year":"1999","unstructured":"R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive security for threshold cryptosystems. In M. Weiner, ed., CRYPTO\u2019 99, pages 98\u2013115. Springer-Verlag, 1999. LNCS no. 1166."},{"key":"13_CR9","series-title":"Lect Notes Comput Sci","first-page":"295","volume-title":"EUROCRYPT\u2019 99","author":"R. Canetti","year":"1999","unstructured":"R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. The (in)security of distributed key generation in dlog-based cryptosystems. In J. Stern, ed., EUROCRYPT\u2019 99, pages 295\u2013310. Springer-Verlag, 1999. LNCS no. 1592."},{"issue":"2","key":"13_CR10","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1145\/358549.358563","volume":"24","author":"D. Chaum","year":"1981","unstructured":"D. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84\u201388, 1981.","journal-title":"Communications of the ACM"},{"key":"13_CR11","doi-asserted-by":"crossref","unstructured":"D. Chaum, C. Cr\u00e9peau, and I. Damg\u00e5rd. Multiparty unconditionally secure protocols. In STOC\u2019 88, pages 11\u201319. ACM, 1988.","DOI":"10.1145\/62212.62214"},{"key":"13_CR12","series-title":"Lect Notes Comput Sci","first-page":"87","volume-title":"CRYPTO\u2019 87","author":"D. Chaum","year":"1987","unstructured":"D. Chaum, I. Damg\u00e5rd, and J. van de Graaf. Multiparty computations ensuring privacy of each party\u2019s input and correctness of the result. In C. Pomerance, ed., CRYPTO\u2019 87, pages 87\u2013119. Springer-Verlag, 1987. LNCS no. 293."},{"key":"13_CR13","series-title":"Lect Notes Comput Sci","first-page":"89","volume-title":"CRYPTO\u2019 92","author":"D. Chaum","year":"1992","unstructured":"D. Chaum and T.P. Pedersen. Wallet databases with observers. In E.F. Brickell, ed., CRYPTO\u2019 92, pages 89\u2013105. Springer-Verlag, 1992. LNCS no. 740."},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"B. Chor, S. Goldwasser, S. Micali, and B. Awerbuch. Verifiable secret sharing and achieving simultaneity in the presence of faults. In FOCS\u2019 85, pages 383\u2013395. IEEE Computer Society, 1985.","DOI":"10.1109\/SFCS.1985.64"},{"key":"13_CR15","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"311","DOI":"10.1007\/3-540-48910-X_22","volume-title":"EUROCRYPT\u2019 99","author":"R. Cramer","year":"1999","unstructured":"R. Cramer, I. Damg\u00e5rd, S. Dziembowski, M. Hirt, and T. Rabin. Efficient multiparty computations secure against an adaptive adversary. In J. Stern, ed., EUROCRYPT\u2019 99, pages 311\u2013326. Springer-Verlag, 1999. LNCS no. 1592."},{"key":"13_CR16","doi-asserted-by":"crossref","unstructured":"R. Cramer, I. Damg\u00e5rd, and J.B. Nielsen. Multiparty computation from threshold homomorphic encryption, 2000. IACR ePrint archive manuscript.","DOI":"10.7146\/brics.v7i14.20141"},{"key":"13_CR17","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"174","DOI":"10.1007\/3-540-48658-5_19","volume-title":"CRYPTO\u2019 94","author":"R. Cramer","year":"1994","unstructured":"R. Cramer, I. Damg\u00e5rd, and B. Schoenmakers. Proofs of partial knowledge and simplified design of witness hiding protocols. In Y.G. Desmedt, ed., CRYPTO\u2019 94, pages 174\u2013187. Springer-Verlag, 1994. LNCS no. 839."},{"key":"13_CR18","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1007\/BFb0055717","volume-title":"CRYPTO\u2019 98","author":"R. Cramer","year":"1998","unstructured":"R. Cramer and V. Shoup. A practical public-key cryptosystem provably secure against adaptive chosen ciphertext attack. In H. Krawczyk, ed., CRYPTO\u2019 98, pages 13\u201325. Springer-Verlag, 1998. LNCS no. 1462."},{"key":"13_CR19","doi-asserted-by":"crossref","unstructured":"G. Di Crescenzo. Private selective payment protocols. In P. Syverson, ed., Financial Cryptography\u2019 00, 2000. To appear.","DOI":"10.1007\/3-540-45472-1_6"},{"key":"13_CR20","series-title":"Lect Notes Comput Sci","first-page":"186","volume-title":"EUROCRYPT\u2019 86","author":"A. Fiat","year":"1986","unstructured":"A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In J. L. Massey, ed., EUROCRYPT\u2019 86, pages 186\u2013194. Springer-Verlag, 1986. LNCS no. 263."},{"issue":"5","key":"13_CR21","doi-asserted-by":"publisher","first-page":"302","DOI":"10.1109\/32.502223","volume":"22","author":"M. Franklin","year":"1996","unstructured":"M. Franklin and M. Reiter. The design and implementation of a secure auction server. IEEE Transactions on Software Engineering, 22(5):302\u2013312, 1996.","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"4","key":"13_CR22","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1007\/s001459900013","volume":"9","author":"M.K. Franklin","year":"1996","unstructured":"M.K. Franklin and S. Haber. Joint encryption and message-efficient secure computation. Journal of Cryptology, 9(4):217\u2013232, 1996.","journal-title":"Journal of Cryptology"},{"key":"13_CR23","series-title":"Lect Notes Comput Sci","first-page":"244","volume-title":"AUSCRYPT\u2019 92","author":"A. Fujioka","year":"1992","unstructured":"A. Fujioka, T. Okamoto, and K. Ohta. A practical secret voting scheme for large scale elections. In J. Seberry and Y. Zheng, eds., AUSCRYPT\u2019 92, pages 244\u2013251. Springer-Verlag, 1992. LNCS no. 718."},{"key":"13_CR24","doi-asserted-by":"publisher","first-page":"469","DOI":"10.1109\/TIT.1985.1057074","volume":"31","author":"T. E. Gamal","year":"1985","unstructured":"T. El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31:469\u2013472, 1985.","journal-title":"IEEE Transactions on Information Theory"},{"key":"13_CR25","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"354","DOI":"10.1007\/3-540-68339-9_31","volume-title":"EUROCRYPT\u2019 96","author":"R. Gennaro","year":"1996","unstructured":"R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Robust threshold DSS signatures. In U. Maurer, ed., EUROCRYPT\u2019 96, pages 354\u2013371. Springer-Verlag, 1996. LNCS no. 1070."},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"R. Gennaro, M. Rabin, and T. Rabin. Simplified VSS and fast-track multiparty computations with applications to threshold cryptography. In PODC\u2019 98, pages 101\u2013111. ACM, 1998.","DOI":"10.1145\/277697.277716"},{"key":"13_CR27","doi-asserted-by":"crossref","unstructured":"O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game. In STOC\u2019 87, pages 218\u2013229. ACM, 1987.","DOI":"10.1145\/28395.28420"},{"issue":"1","key":"13_CR28","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S. Goldwasser","year":"1984","unstructured":"S. Goldwasser and S. Micali. Probabilistic encryption. J. Comp. Sys. Sci, 28(1):270\u2013299, 1984.","journal-title":"J. Comp. Sys. Sci"},{"key":"13_CR29","unstructured":"M. Harkavy, J.D. Tygar, and H. Kikuchi. Electronic auctions with private bids. In 3rd USENIX Workshop on Electronic Commerce, pages 61\u201373, 1999."},{"key":"13_CR30","doi-asserted-by":"crossref","unstructured":"M. Hirt, U. Maurer, and B. Przydatek. Efficient secure multi-party computation. In T. Okamoto, ed., ASIACRYPT\u2019 00, 2000. To appear.","DOI":"10.1007\/3-540-44448-3_12"},{"key":"13_CR31","series-title":"Lect Notes Comput Sci","first-page":"125","volume-title":"ASIACRYPT\u2019 96","author":"P. Horster","year":"1996","unstructured":"P. Horster, M. Michels, and H. Petersen. Some remarks on a receipt free and universally verifiable mix-type voting scheme. In K. Kim and T. Matsumoto, eds., ASIACRYPT\u2019 96, pages 125\u2013132. Springer-Verlag, 1996. LNCS no. 1163."},{"key":"13_CR32","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"448","DOI":"10.1007\/BFb0054145","volume-title":"EUROCRYPT\u2019 98","author":"M. Jakobsson","year":"1998","unstructured":"M. Jakobsson. A practical mix. In K. Nyberg, ed., EUROCRYPT\u2019 98, pages 448\u2013461. Springer-Verlag, 1998. LNCS no. 1403."},{"key":"13_CR33","doi-asserted-by":"crossref","unstructured":"M. Jakobsson. Flash mixing. In PODC\u2019 99, pages 83\u201389. ACM, 1999.","DOI":"10.1145\/301308.301333"},{"key":"13_CR34","unstructured":"M. Jakobsson and A. Juels. Millimix: Mixing in small batches, June 1999. DIMACS Technical Report 99-33."},{"key":"13_CR35","doi-asserted-by":"crossref","unstructured":"A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.","DOI":"10.1201\/9781439821916"},{"key":"13_CR36","doi-asserted-by":"crossref","unstructured":"M. Naor, B. Pinkas, and R. Sumner. Privacy preserving auctions and mechanism design. In 1st ACM Conf. on Electronic Commerce, pages 129\u2013139. ACM, 1999.","DOI":"10.1145\/336992.337028"},{"key":"13_CR37","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"440","DOI":"10.1007\/BFb0028500","volume-title":"ICICS\u2019 97","author":"W. Ogata","year":"1997","unstructured":"W. Ogata, K. Kurosawa, K. Sako, and K. Takatani. Fault tolerant anonymous channel. In ICICS\u2019 97, pages 440\u2013444. Springer-Verlag, 1997. LNCS no. 1334."},{"key":"13_CR38","series-title":"Lect Notes Comput Sci","volume-title":"EUROCRYPT\u2019 93","author":"C. Park","year":"1993","unstructured":"C. Park, K. Itoh, and K. Kurosawa. All\/nothing election scheme and anonymous channel. In T. Helleseth, ed., EUROCRYPT\u2019 93. Springer-Verlag, 1993. LNCS no. 921."},{"key":"13_CR39","series-title":"Lect Notes Comput Sci","first-page":"129","volume-title":"CRYPTO\u2019 91","author":"T. Pedersen","year":"1991","unstructured":"T. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In J. Feigenbaum, ed., CRYPTO\u2019 91, pages 129\u2013140. Springer-Verlag, 1991. LNCS no. 576."},{"key":"13_CR40","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"422","DOI":"10.1007\/978-3-540-46588-1_28","volume-title":"PKC\u2019 00","author":"K. Sako","year":"2000","unstructured":"K. Sako. An auction protocol which hides bids of losers. In H. Imai and Y. Zheng, editors, PKC\u2019 00, pages 422\u2013432. Springer-Verlag, 2000. LNCS no. 1751."},{"key":"13_CR41","series-title":"Lect Notes Comput Sci","volume-title":"EUROCRYPT\u2019 95","author":"K. Sako","year":"1995","unstructured":"K. Sako and J. Kilian. Receipt-free mix-type voting scheme-a practical solution to the implementation of a voting booth. In L.C. Guillou and J.-J. Quisquater, eds., EUROCRYPT\u2019 95. Springer-Verlag, 1995. LNCS no. 921."},{"key":"13_CR42","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C.P. Schnorr","year":"1991","unstructured":"C.P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4:161\u2013174, 1991.","journal-title":"Journal of Cryptology"},{"key":"13_CR43","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"117","DOI":"10.1007\/BFb0054019","volume-title":"PKC\u2019 98","author":"Y. Tsiounis","year":"1998","unstructured":"Y. Tsiounis and M. Yung. On the security of ElGamal-based encryption. In H. Imai and Y. Zheng, eds., PKC\u2019 98, pages 117\u2013134. Springer-Verlag, 1998. LNCS no. 1431."},{"key":"13_CR44","unstructured":"A.C. Yao. Protocols for secure computations (extended abstract). In FOCS\u2019 82, pages 160\u2013164. IEEE Computer Society, 1982."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2014 ASIACRYPT 2000"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-44448-3_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,28]],"date-time":"2019-04-28T23:13:28Z","timestamp":1556493208000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-44448-3_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2000]]},"ISBN":["9783540414049","9783540444480"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/3-540-44448-3_13","relation":{},"ISSN":["0302-9743"],"issn-type":[{"value":"0302-9743","type":"print"}],"subject":[],"published":{"date-parts":[[2000]]}}}