{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:07:52Z","timestamp":1742911672808,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":60,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783662493861"},{"type":"electronic","value":"9783662493878"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-662-49387-8_12","type":"book-chapter","created":{"date-parts":[[2016,2,17]],"date-time":"2016-02-17T14:25:41Z","timestamp":1455719141000},"page":"297-326","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Very-Efficient Simulatable Flipping of Many Coins into a Well"],"prefix":"10.1007","author":[{"given":"Lu\u00eds T. A. N.","family":"Brand\u00e3o","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,2,18]]},"reference":[{"key":"12_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"673","DOI":"10.1007\/978-3-662-46800-5_26","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"G Asharov","year":"2015","unstructured":"Asharov, G., Lindell, Y., Schneider, T., Zohner, M.: More efficient oblivious transfer extensions with security for malicious adversaries. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 673\u2013701. Springer, Heidelberg (2015). doi:\n 10.1007\/978-3-662-46800-5_26\n \n . Also at \n ia.cr\/2015\/061"},{"key":"12_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"534","DOI":"10.1007\/978-3-642-38980-1_34","volume-title":"Applied Cryptography and Network Security","author":"O Blazy","year":"2013","unstructured":"Blazy, O., Chevalier, C., Pointcheval, D., Vergnaud, D.: Analysis and improvement of Lindell\u2019s uc-secure commitment schemes. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 534\u2013551. Springer, Heidelberg (2013). doi:\n 10.1007\/978-3-642-38980-1_34\n \n . Also at \n ia.cr\/2013123"},{"key":"12_CR3","doi-asserted-by":"publisher","unstructured":"Beaver, D.: Adaptive zero knowledge and computational equivocation (extended abstract). In: STOC 1996, pp. 629\u2013638. ACM, New York (1996). doi:\n 10.1145\/237814.238014","DOI":"10.1145\/237814.238014"},{"key":"12_CR4","doi-asserted-by":"publisher","unstructured":"Barker, E., Kelsey, J.: Recommendation for Random Number Generation Using Deterministic Random Bit Generators, NIST SP800-90A Rev. 1, NIST-ITL-CSD, U.S. Department of Commerce, June 2015. doi:\n 10.6028\/NIST.SP.800-90Ar1","DOI":"10.6028\/NIST.SP.800-90Ar1"},{"key":"12_CR5","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1145\/1008908.1008911","volume":"15","author":"M Blum","year":"1983","unstructured":"Blum, M.: Coin flipping by telephone \u2013 a protocol for solving impossible problems. SIGACT News 15, 23\u201327 (1983). doi:\n 10.1145\/1008908.1008911\n \n . Appeared also at CRYPTO 1981","journal-title":"SIGACT News"},{"key":"12_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"441","DOI":"10.1007\/978-3-642-42045-0_23","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"LTAN Brand\u00e3o","year":"2013","unstructured":"Brand\u00e3o, L.T.A.N.: Secure two-party computation with reusable bit-commitments, via a cut-and-choose with forge-and-lose technique. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 441\u2013463. Springer, Heidelberg (2013). doi:\n 10.1007\/978-3-642-42045-0_23\n \n . Also at \n ia.cr\/2013\/577"},{"issue":"1","key":"12_CR7","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/s001459910006","volume":"13","author":"R Canetti","year":"2000","unstructured":"Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptol. 13(1), 143\u2013202 (2000). doi:\n 10.1007\/s001459910006\n \n . Also at \n ia.cr\/1998\/018","journal-title":"J. Cryptol."},{"key":"12_CR8","doi-asserted-by":"publisher","unstructured":"Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS 2001, pp. 136\u2013145. IEEE (2001). doi:\n 10.1109\/SFCS.2001.959888\n \n , Also at \n ia.cr\/2000\/067","DOI":"10.1109\/SFCS.2001.959888"},{"key":"12_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"495","DOI":"10.1007\/978-3-662-46447-2_22","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"I Cascudo","year":"2015","unstructured":"Cascudo, I., Damg\u00e5rd, I., David, B., Giacomelli, I., Nielsen, J.B., Trifiletti, R.: Additively homomorphic UC commitments with optimal amortized overhead. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 495\u2013515. Springer, Heidelberg (2015). doi:\n 10.1007\/978-3-662-46447-2_22\n \n . Also at \n ia.cr\/2014\/829"},{"key":"12_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/3-540-44647-8_2","volume-title":"Advances in Cryptology - CRYPTO 2001","author":"R Canetti","year":"2001","unstructured":"Canetti, R., Fischlin, M.: Universally composable commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19\u201340. Springer, Heidelberg (2001). doi:\n 10.1007\/3-540-44647-8_2\n \n . Also at \n ia.cr\/2001\/055"},{"key":"12_CR11","doi-asserted-by":"publisher","unstructured":"Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: STOC 2002, pp. 494\u2013503. ACM, New York (2002). doi:\n 10.1145\/509907.509980\n \n , Also at \n ia.cr\/2002\/140","DOI":"10.1145\/509907.509980"},{"key":"12_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/978-3-540-45146-4_16","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"R Canetti","year":"2003","unstructured":"Canetti, R., Rabin, T.: Universal composition with joint state. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 265\u2013281. Springer, Heidelberg (2003). doi:\n 10.1007\/978-3-540-45146-4_16\n \n . Also at \n ia.cr\/2002\/047"},{"key":"12_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1007\/3-540-36413-7_6","volume-title":"Security in Communication Networks","author":"G Crescenzo Di","year":"2003","unstructured":"Di Crescenzo, G.: Equivocable and extractable commitment schemes. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 74\u201387. Springer, Heidelberg (2003). doi:\n 10.1007\/3-540-36413-7_6"},{"key":"12_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/3-540-39118-5_19","volume-title":"Advances in Cryptology - EUROCRYPT 1987","author":"IB Damg\u00e5rd","year":"1988","unstructured":"Damg\u00e5rd, I.B.: Collision free hash functions and public key signature schemes. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 203\u2013216. Springer, Heidelberg (1988). doi:\n 10.1007\/3-540-39118-5_19"},{"key":"12_CR15","doi-asserted-by":"publisher","unstructured":"Di Crescenzo, G., Ishai, Y., Ostrovsky, R.: Non-interactive and non-malleable commitment. In: STOC 1998, pp. 141\u2013150. ACM, New York (1998). doi:\n 10.1145\/276698.276722","DOI":"10.1145\/276698.276722"},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1007\/3-540-44987-6_4","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"G Crescenzo Di","year":"2001","unstructured":"Di Crescenzo, G., Katz, J., Ostrovsky, R., Smith, A.: Efficient and non-interactive non-malleable commitment. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 40\u201359. Springer, Heidelberg (2001). doi:\n 10.1007\/3-540-44987-6_4\n \n . Also at \n ia.cr\/2001\/032"},{"key":"12_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"485","DOI":"10.1007\/3-540-48405-1_31","volume-title":"Advances in Cryptology - CRYPTO \u201999","author":"G Crescenzo Di","year":"1999","unstructured":"Di Crescenzo, G., Ostrovsky, R.: On concurrent zero-knowledge with pre-processing (extended abstract). In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 485\u2013502. Springer, Heidelberg (1999). doi:\n 10.1007\/3-540-48405-1_31"},{"key":"12_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/978-3-662-45608-8_12","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"I Damg\u00e5rd","year":"2014","unstructured":"Damg\u00e5rd, I., David, B., Giacomelli, I., Nielsen, J.B.: Compact VSS and efficient homomorphic UC commitments. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part II. LNCS, vol. 8874, pp. 213\u2013232. Springer, Heidelberg (2014). doi:\n 10.1007\/978-3-662-45608-8_12\n \n . Also at \n ia.cr\/2014\/370"},{"key":"12_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1007\/978-3-642-10366-7_4","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"I Damg\u00e5rd","year":"2009","unstructured":"Damg\u00e5rd, I., Lunemann, C.: Quantum-secure coin-flipping and applications. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 52\u201369. Springer, Heidelberg (2009). doi:\n 10.1007\/978-3-642-10366-7_4\n \n . Also at \n arXiv:0903.3118"},{"key":"12_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"581","DOI":"10.1007\/3-540-45708-9_37","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"IB Damg\u00e5rd","year":"2002","unstructured":"Damg\u00e5rd, I.B., Nielsen, J.B.: Perfect hiding and perfect binding universally composable commitment schemes with constant expansion factor. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 581\u2013596. Springer, Heidelberg (2002). doi:\n 10.1007\/3-540-45708-9_37\n \n . Also at \n ia.cr\/2001\/091"},{"key":"12_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-642-11799-2_8","volume-title":"Theory of Cryptography","author":"I Damg\u00e5rd","year":"2010","unstructured":"Damg\u00e5rd, I., Nielsen, J.B., Orlandi, C.: On the necessary and sufficient assumptions for UC computation. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 109\u2013127. Springer, Heidelberg (2010). doi:\n 10.1007\/978-3-642-11799-2_8\n \n . Also at \n ia.cr\/2009\/247"},{"key":"12_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"558","DOI":"10.1007\/978-3-642-14623-7_30","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"I Damg\u00e5rd","year":"2010","unstructured":"Damg\u00e5rd, I., Orlandi, C.: Multiparty computation for dishonest majority: from passive to active security at low cost. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 558\u2013576. Springer, Heidelberg (2010). doi:\n 10.1007\/978-3-642-14623-7_30\n \n . Also at \n ia.cr\/2010\/318"},{"key":"12_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1007\/3-540-39568-7_2","volume-title":"Advances in Cryptology","author":"T El Gamal","year":"1985","unstructured":"El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10\u201318. Springer, Heidelberg (1985). doi:\n 10.1007\/3-540-39568-7_2"},{"key":"12_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"542","DOI":"10.1007\/978-3-662-49096-9_23","volume-title":"Theory of Cryptography","author":"TK Frederiksen","year":"2016","unstructured":"Frederiksen, T.K., Jakobsen, T.P., Nielsen, J.B., Trifiletti, R.: On the complexity of additively homomorphic UC commitments. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016-A. LNCS, vol. 9562, pp. 542\u2013565. Springer, Heidelberg (2016). doi:\n 10.1007\/978-3-662-49096-9_23\n \n . Also at \n ia.cr\/2015\/694"},{"key":"12_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"468","DOI":"10.1007\/978-3-642-25385-0_25","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"M Fischlin","year":"2011","unstructured":"Fischlin, M., Libert, B., Manulis, M.: Non-interactive and re-usable universally composable string commitments with adaptive security. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 468\u2013485. Springer, Heidelberg (2011). doi:\n 10.1007\/978-3-642-25385-0_25"},{"key":"12_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"526","DOI":"10.1007\/0-387-34805-0_46","volume-title":"Advances in Cryptology - CRYPTO 1989","author":"U Feige","year":"1990","unstructured":"Feige, U., Shamir, A.: Zero knowledge proofs of knowledge in two rounds. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 526\u2013544. Springer, New York (1990). doi:\n 10.1007\/0-387-34805-0_46"},{"key":"12_CR27","series-title":"Lectuer Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/978-3-662-45608-8_23","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"E Fujisaki","year":"2014","unstructured":"Fujisaki, E.: All-but-many encryption. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 426\u2013447. Springer, Heidelberg (2014). doi:\n 10.1007\/978-3-662-45608-8_23\n \n . Also at \n ia.cr\/2012\/379"},{"key":"12_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"677","DOI":"10.1007\/978-3-642-55220-5_37","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"JA Garay","year":"2014","unstructured":"Garay, J.A., Ishai, Y., Kumaresan, R., Wee, H.: On the complexity of UC commitments. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 677\u2013694. Springer, Heidelberg (2014). doi:\n 10.1007\/978-3-642-55220-5_37"},{"issue":"3","key":"12_CR29","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1007\/s001459900010","volume":"9","author":"O Goldreich","year":"1996","unstructured":"Goldreich, O., Kahan, A.: How to construct constant-round zero-knowledge proof systems for NP. J. Cryptol. 9(3), 167\u2013189 (1996). doi:\n 10.1007\/BF00208001","journal-title":"J. Cryptol."},{"key":"12_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-540-78967-3_17","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"V Goyal","year":"2008","unstructured":"Goyal, V., Mohassel, P., Smith, A.: Efficient two party and multi party computation against covert adversaries. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 289\u2013306. Springer, Heidelberg (2008). doi:\n 10.1007\/978-3-540-78967-3_17"},{"key":"12_CR31","series-title":"Basic Applications","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511721656","volume-title":"Foundations of Cryptography","author":"O Goldreich","year":"2004","unstructured":"Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press, New York (2004). doi:\n 10.1017\/CBO9780511721656\n \n . isbn: 9780521830843"},{"issue":"4","key":"12_CR32","doi-asserted-by":"publisher","first-page":"1364","DOI":"10.1137\/S0097539793244708","volume":"28","author":"J H\u00e5stad","year":"1999","unstructured":"H\u00e5stad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364\u20131396 (1999). doi:\n 10.1137\/S0097539793244708","journal-title":"SIAM J. Comput."},{"key":"12_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-642-40084-1_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"Y Huang","year":"2013","unstructured":"Huang, Y., Katz, J., Evans, D.: Efficient secure two-party computation using symmetric cut-and-choose. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 18\u201335. Springer, Heidelberg (2013). doi:\n 10.1007\/978-3-642-40084-1_2\n \n . Also at \n ia.cr\/2013\/081"},{"key":"12_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"504","DOI":"10.1007\/11761679_30","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"D Hofheinz","year":"2006","unstructured":"Hofheinz, D., M\u00fcller-Quade, J., Unruh, D.: On the (im-)possibility of extending coin toss. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 504\u2013521. Springer, Heidelberg (2006). doi:\n 10.1007\/11761679_30\n \n . Also at \n ia.cr\/2006\/177"},{"key":"12_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"136","DOI":"10.1007\/3-540-48329-2_12","volume-title":"Advances in Cryptology - CRYPTO 1993","author":"H Krawczyk","year":"1994","unstructured":"Krawczyk, H.: Secret sharing made short. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 136\u2013146. Springer, Heidelberg (1994). doi:\n 10.1007\/3-540-48329-2_12"},{"key":"12_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"486","DOI":"10.1007\/978-3-540-70583-3_40","volume-title":"Automata, Languages and Programming","author":"V Kolesnikov","year":"2008","unstructured":"Kolesnikov, V., Schneider, T.: Improved garbled circuit: free XOR gates and applications. In: Aceto, L., Damg\u00e5rd, I., Goldberg, L.A., Halld\u00f3rsson, M.M., Ing\u00f3lfsd\u00f3ttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 486\u2013498. Springer, Heidelberg (2008). doi:\n 10.1007\/978-3-540-70583-3_40"},{"issue":"3","key":"12_CR37","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/s00145-002-0143-7","volume":"16","author":"Y Lindell","year":"2003","unstructured":"Lindell, Y.: Parallel coin-tossing and constant-round secure two-party computation. J. Cryptol. 16(3), 143\u2013184 (2003). doi:\n 10.1007\/s00145-002-0143-7\n \n . Also at \n ia.cr\/2001\/107","journal-title":"J. Cryptol."},{"key":"12_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1007\/978-3-642-20465-4_25","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"Y Lindell","year":"2011","unstructured":"Lindell, Y.: Highly-efficient universally-composable commitments based on the DDH assumption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 446\u2013466. Springer, Heidelberg (2011). doi:\n 10.1007\/978-3-642-20465-4_25\n \n . Also at \n ia.cr\/2011\/180"},{"key":"12_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-40084-1_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"Y Lindell","year":"2013","unstructured":"Lindell, Y.: Fast cut-and-choose based protocols for malicious and covert adversaries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 1\u201317. Springer, Heidelberg (2013). doi:\n 10.1007\/978-3-642-40084-1_1\n \n . Also at \n ia.cr\/2013\/079"},{"key":"12_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-662-46494-6_5","volume-title":"Theory of Cryptography","author":"Y Lindell","year":"2015","unstructured":"Lindell, Y.: An efficient transform from sigma protocols to NIZK with a CRS and non-programmable random oracle. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 93\u2013109. Springer, Heidelberg (2015). doi:\n 10.1007\/978-3-662-46494-6_5\n \n . Also at \n ia.cr\/2014\/710"},{"key":"12_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-642-21969-6_2","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2011","author":"C Lunemann","year":"2011","unstructured":"Lunemann, C., Nielsen, J.B.: Fully simulatable quantum-secure coin-flipping and applications. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS, vol. 6737, pp. 21\u201340. Springer, Heidelberg (2011). doi:\n 10.1007\/978-3-642-21969-6_2\n \n . Also at \n ia.cr\/2011\/065"},{"key":"12_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1007\/978-3-540-85855-3_2","volume-title":"Security and Cryptography for Networks","author":"Y Lindell","year":"2008","unstructured":"Lindell, Y., Pinkas, B., Smart, N.P.: Implementing two-party computation efficiently with security against malicious adversaries. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 2\u201320. Springer, Heidelberg (2008). doi:\n 10.1007\/978-3-540-85855-3_2"},{"key":"12_CR43","doi-asserted-by":"publisher","unstructured":"Luby, M.: LT codes. In: FOCS 2002, pp. 271\u2013280. IEEE (2002). doi:\n 10.1109\/SFCS.2002.1181950","DOI":"10.1109\/SFCS.2002.1181950"},{"issue":"2","key":"12_CR44","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/BF00196774","volume":"4","author":"M Naor","year":"1991","unstructured":"Naor, M.: Bit commitment using pseudorandomness. J. Cryptol. 4(2), 151\u2013158 (1991). doi:\n 10.1007\/BF00196774","journal-title":"J. Cryptol."},{"key":"12_CR45","doi-asserted-by":"publisher","unstructured":"National Institute of Standards and Technology, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. FIPS Pub 202, NIST-ITL, U.S. Department of Commerce, August 2015. doi:\n 10.6028\/NIST.FIPS.202","DOI":"10.6028\/NIST.FIPS.202"},{"key":"12_CR46","doi-asserted-by":"publisher","unstructured":"Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: STOC 1989, pp. 33\u201343. ACM, New York (1989). doi:\n 10.1145\/73007.73011","DOI":"10.1145\/73007.73011"},{"key":"12_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/3-540-46766-1_9","volume-title":"Advances in Cryptology - CRYPTO 1991","author":"TP Pedersen","year":"1992","unstructured":"Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129\u2013140. Springer, Heidelberg (1992). doi:\n 10.1007\/3-540-46766-1_9"},{"key":"12_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"403","DOI":"10.1007\/978-3-642-00457-5_24","volume-title":"Theory of Cryptography","author":"R Pass","year":"2009","unstructured":"Pass, R., Wee, H.: Black-box constructions of two-party protocols from one-way functions. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 403\u2013418. Springer, Heidelberg (2009). doi:\n 10.1007\/978-3-642-00457-5_24"},{"issue":"2","key":"12_CR49","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1145\/62044.62050","volume":"36","author":"MO Rabin","year":"1989","unstructured":"Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. J. ACM 36(2), 335\u2013348 (1989). doi:\n 10.1145\/62044.62050","journal-title":"J. ACM"},{"key":"12_CR50","doi-asserted-by":"publisher","unstructured":"Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: STOC 1990, pp. 387\u2013394. ACM, New York (1990). doi:\n 10.1145\/100216.100269","DOI":"10.1145\/100216.100269"},{"key":"12_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1007\/978-3-540-24638-1_11","volume-title":"Theory of Cryptography","author":"A Rosen","year":"2004","unstructured":"Rosen, A.: A note on constant-round zero-knowledge proofs for NP. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 191\u2013202. Springer, Heidelberg (2004). doi:\n 10.1007\/978-3-540-24638-1_11"},{"issue":"2","key":"12_CR52","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1137\/0108018","volume":"8","author":"IS Reed","year":"1960","unstructured":"Reed, I.S., Solomon, G.: Polynomial codes over certain finite fields. J. SIAM 8(2), 300\u2013304 (1960). doi:\n 10.1137\/0108018","journal-title":"J. SIAM"},{"issue":"2","key":"12_CR53","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1007\/BF00190757","volume":"8","author":"A Russell","year":"1995","unstructured":"Russell, A.: Necessary and sufficient conditions for collision-free hashing. J. Cryptol. 8(2), 87\u201399 (1995). doi:\n 10.1007\/BF00190757","journal-title":"J. Cryptol."},{"issue":"3","key":"12_CR54","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C Schnorr","year":"1991","unstructured":"Schnorr, C.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161\u2013174 (1991). doi:\n 10.1007\/BF00196725","journal-title":"J. Cryptol."},{"key":"12_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"451","DOI":"10.1007\/3-540-45022-X_38","volume-title":"Automata, Languages and Programming","author":"A Santis De","year":"2000","unstructured":"De Santis, A., Di Crescenzo, G., Persiano, G.: Necessary and sufficient assumptions for non-interactive zero-knowledge proofs of knowledge for all NP relations. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 451\u2013462. Springer, Heidelberg (2000). doi:\n 10.1007\/3-540-45022-X_38"},{"issue":"11","key":"12_CR56","doi-asserted-by":"publisher","first-page":"612","DOI":"10.1145\/359168.359176","volume":"22","author":"A Shamir","year":"1979","unstructured":"Shamir, A.: How to share a secret. Commun. ACM 22(11), 612\u2013613 (1979). doi:\n 10.1145\/359168.359176","journal-title":"Commun. ACM"},{"issue":"6","key":"12_CR57","doi-asserted-by":"publisher","first-page":"2551","DOI":"10.1109\/TIT.2006.874390","volume":"52","author":"A Shokrollahi","year":"2006","unstructured":"Shokrollahi, A.: Raptor codes. IEEE Trans. Inf. Theory 52(6), 2551\u20132567 (2006). doi:\n 10.1109\/TIT.2006.874390","journal-title":"IEEE Trans. Inf. Theory"},{"key":"12_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"334","DOI":"10.1007\/BFb0054137","volume-title":"Advances in Cryptology - EUROCRYPT 1998","author":"DR Simon","year":"1998","unstructured":"Simon, D.R.: Findings collisions on a one-way street: can secure hash functions be based on general assumptions? In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 334\u2013345. Springer, Heidelberg (1998). doi:\n 10.1007\/BFb0054137"},{"key":"12_CR59","doi-asserted-by":"publisher","first-page":"386","DOI":"10.1007\/978-3-642-20465-4_22","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"Abhi shelat","year":"2011","unstructured":"Shelat, A., Shen, C.: Two-output secure computation with malicious adversaries. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 386\u2013405. Springer, Heidelberg (2011). doi:\n 10.1007\/978-3-642-20465-4_22\n \n . \n ia.cr\/2011\/533"},{"key":"12_CR60","doi-asserted-by":"publisher","unstructured":"Vadhan, S., Zheng, C.J.: Characterizing pseudoentropy and simplifying pseudorandom generator constructions. In: STOC 2012, pp. 817\u2013836. ACM, New York (2012). doi:\n 10.1145\/2213977.2214051","DOI":"10.1145\/2213977.2214051"}],"container-title":["Lecture Notes in Computer Science","Public-Key Cryptography \u2013 PKC 2016"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-49387-8_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,18]],"date-time":"2020-02-18T11:20:56Z","timestamp":1582024856000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-49387-8_12"}},"subtitle":["(and a New Universally-Composable Commitment\u00a0Scheme)"],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783662493861","9783662493878"],"references-count":60,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-49387-8_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"18 February 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}