[1]

A. Akavia, S. Goldwasser, V. Vaikuntanathan, Simultaneous hardcore bits and cryptography against memory attacks, in

*Proceedings of the 6th Theory of Cryptography Conference* (2009), pp. 474–495

CrossRef[2]

J. Alwen, Y. Dodis, M. Naor, G. Segev, S. Walfish, D. Wichs, Public-key encryption in the bounded-retrieval model, in *Advances in Cryptology—EUROCRYPT’10* (2010), pp. 113–134

[3]

J. Alwen, Y. Dodis, D. Wichs, Leakage-resilient public-key cryptography in the bounded-retrieval model, in *Advances in Cryptology—CRYPTO’09* (2009), pp. 36–54

[4]

G. Ateniese, J. Camenisch, B. de Medeiros, Untraceable RFID tags via insubvertible encryption, in

*Proceedings of the 12th ACM Conference on Computer and Communications Security* (2005), pp. 92–101

CrossRef[5]

B. Barak, O. Goldreich, Universal arguments and their applications.

*SIAM J. Comput.*
**38**(5), 1661–1694 (2008)

MathSciNetMATHCrossRef[6]

M. Bellare, S. Goldwasser, New paradigms for digital signatures and message authentication based on non-interative zero knowledge proofs, in *Advances in Cryptology—CRYPTO’89* (1989), pp. 194–211

[7]

M. Bellare, D. Hofheinz, S. Yilek, Possibility and impossibility results for encryption and commitment secure under selective opening, in *Advances in Cryptology—EUROCRYPT’09* (2009), pp. 1–35

[8]

E. Biham, A. Shamir, Differential fault analysis of secret key cryptosystems, in *Advances in Cryptology—CRYPTO’97* (1997), pp. 513–525

[9]

D. Boneh, X. Boyen, Secure identity based encryption without random oracles, in *Advances in Cryptology—CRYPTO’04* (2004), pp. 443–459

[10]

D. Boneh, X. Boyen, H. Shacham, Short group signatures, in *Advances in Cryptology—CRYPTO’04* (2004), pp. 41–55

[11]

D. Boneh, R.A. DeMillo, R.J. Lipton, On the importance of checking cryptographic protocols for faults, in *Advances in Cryptology—EUROCRYPT’97* (1997), pp. 37–51

[12]

D. Boneh, E.-J. Goh, K. Nissim, Evaluating 2-DNF formulas on ciphertexts, in

*Proceedings of the 2nd Theory of Cryptography Conference* (2005), pp. 325–341

CrossRef[13]

Z. Brakerski, S. Goldwasser, Circular and leakage resilient public-key encryption under subgroup indistinguishability (or: quadratic residuosity strikes back), in *Advances in Cryptology—CRYPTO’10* (2010), pp. 1–20

[14]

Z. Brakerski, Y. Tauman Kalai, A framework for efficient signatures, ring signatures and identity based encryption in the standard model. Cryptology ePrint Archive, Report 2010/086, 2010

[15]

Z. Brakerski, Y. Tauman Kalai, J. Katz, V. Vaikuntanathan, Cryptography resilient to continual memory leakage, in *Proceedings of the 51st Annual IEEE Symposium on Foundations of Computer Science* (2010), pp. 501–510

[16]

D. Cash, D. Hofheinz, E. Kiltz, C. Peikert, Bonsai trees, or how to delegate a lattice basis, in *Advances in Cryptology—EUROCRYPT’10* (2010), pp. 523–552

[17]

Y. Dodis, S. Goldwasser, Y. Tauman Kalai, C. Peikert, V. Vaikuntanathan, Public-key encryption schemes with auxiliary inputs, in

*Proceedings of the 7th Theory of Cryptography Conference* (2010), pp. 361–381

CrossRef[18]

Y. Dodis, K. Haralambiev, A. Lopez-Alt, D. Wichs, Cryptography against continuous memory attacks, in *Proceedings of the 51st Annual IEEE Symposium on Foundations of Computer Science* (2010), pp. 511–520

[19]

Y. Dodis, K. Haralambiev, A. Lopez-Alt, D. Wichs, Efficient public-key cryptography in the presence of key leakage, in *Advances in Cryptology—ASIACRYPT’10* (2010), pp. 613–631

[20]

Y. Dodis, A.B. Lewko, B. Waters, D. Wichs, Storing secrets on continually leaky devices, in *Proceedings of the 52nd Annual IEEE Symposium on Foundations of Computer Science* (2011), pp. 688–697

[21]

Y. Dodis, R. Ostrovsky, L. Reyzin, A. Smith, Fuzzy extractors: how to generate strong keys from biometrics and other noisy data.

*SIAM J. Comput.*
**38**(1), 97–139 (2008)

MathSciNetMATHCrossRef[22]

Y. Dodis, Y. Tauman Kalai, S. Lovett, On cryptography with auxiliary input, in

*Proceedings of the 41st Annual ACM Symposium on Theory of Computing* (2009), pp. 621–630

CrossRef[23]

S. Dziembowski, K. Pietrzak, Leakage-resilient cryptography, in *Proceedings of the 49th Annual IEEE Symposium on Foundations of Computer Science* (2008), pp. 293–302

[24]

S. Faust, E. Kiltz, K. Pietrzak, G.N. Rothblum, Leakage-resilient signatures, in

*Proceedings of the 7th Theory of Cryptography Conference* (2010), pp. 343–360

CrossRef[25]

S. Faust, T. Rabin, L. Reyzin, E. Tromer, V. Vaikuntanathan, Protecting circuits from leakage: the computationally-bounded and noisy cases, in *Advances in Cryptology—EUROCRYPT’10* (2010), pp. 135–156

[26]

A. Fiat, A. Shamir, How to prove yourself: practical solutions to identification and signature problems, in *Advances in Cryptology—CRYPTO’86* (1986), pp. 186–194

[27]

D.M. Freeman, O. Goldreich, E. Kiltz, A. Rosen, G. Segev, More constructions of lossy and correlation-secure trapdoor functions, in *Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography* (2010), pp. 279–295

[28]

S. Garg, A. Jain, A. Sahai, Leakage-resilient zero knowledge, in *Advances in Cryptology—CRYPTO’11* (2011), pp. 297–315

[29]

S. Goldwasser, S. Micali, Probabilistic encryption.

*J. Comput. Syst. Sci.*
**28**(2), 270–299 (1984)

MathSciNetMATHCrossRef[30]

S. Goldwasser, S. Micali, R.L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks.

*SIAM J. Comput.*
**17**(2), 281–308 (1988)

MathSciNetMATHCrossRef[31]

S. Goldwasser, G. Rothblum, How to play mental solitaire under continuous side-channels: a completeness theorem using secure hardware, in *Advances in Cryptology—CRYPTO’10* (2010), pp. 59–79

[32]

S. Goldwasser, Y. Tauman Kalai, C. Peikert, V. Vaikuntanathan, Robustness of the learning with errors assumption, in *Proceedings of the 1st Symposium on Innovations in Computer Science* (2010), pp. 230–240

[33]

J. Groth, R. Ostrovsky, A. Sahai, Perfect non-interactive zero knowledge for NP, in *Advance in Cryptology—EUROCRYPT’06* (2006), pp. 339–358

[34]

J. Groth, A. Sahai, Efficient non-interactive proof systems for bilinear groups, in *Advances in Cryptology—EUROCRYPT’08* (2008), pp. 415–432

[35]

J.A. Halderman, S.D. Schoen, N. Heninger, W. Clarkson, W. Paul, J.A. Calandrino, A.J. Feldman, J. Appelbaum, E.W. Felten, Lest we remember: cold boot attacks on encryption keys, in *Proceedings of the 17th USENIX Security Symposium* (2008), pp. 45–60

[36]

B. Hemenway, B. Libert, R. Ostrovsky, D. Vergnaud, Lossy encryption: constructions from general assumptions and efficient selective opening chosen ciphertext security, in *Advances in Cryptology—ASIACRYPT’11* (2011), pp. 70–88

[37]

N. Heninger, H. Shacham, Reconstructing RSA private keys from random key bits, in *Advances in Cryptology—CRYPTO’09* (2009), pp. 1–17

[38]

S. Hohenberger, B. Waters, Short and stateless signatures from the RSA assumption, in *Advances in Cryptology—CRYPTO’09* (2009), pp. 654–670

[39]

C.-Y. Hsiao, L. Reyzin, Finding collisions on a public road, or do secure hash functions need secret coins, in *Advances in Cryptology—CRYPTO’04* (2004), pp. 92–105

[40]

Y. Ishai, A. Sahai, D. Wagner, Private circuits: securing hardware against probing attacks, in *Advances in Cryptology—CRYPTO’03* (2003), pp. 463–481

[41]

A. Joux, K. Nguyen, Separating decision Diffie–Hellman from computational Diffie–Hellman in cryptographic groups.

*J. Cryptol.*
**16**(4), 239–247 (2003)

MathSciNetMATHCrossRef[42]

A. Juma, Y. Vahlis, On protecting cryptographic keys against side-channel attacks, in *Advances in Cryptology—CRYPTO’10* (2010), pp. 41–58

[43]

J. Katz, V. Vaikuntanathan, Signature schemes with bounded leakage resilience, in *Advances in Cryptology—ASIACRYPT’09* (2009), pp. 703–720

[44]

J. Kilian, A note on efficient zero-knowledge proofs and arguments (extended abstract), in *Proceedings of the 22nd Annual ACM Symposium on Theory of Computing* (1992), pp. 723–732

[45]

E. Kiltz, Chosen-ciphertext secure key-encapsulation based on gap hashed Diffie–Hellman, in *Proceedings of the 10th International Conference on Practice and Theory in Public-Key Cryptography* (2007), pp. 282–297

[46]

P.C. Kocher, Timing attacks on implementations of Diffie–Hellman, RSA, DSS, and other systems, in *Advances in Cryptology—CRYPTO’96* (1996), pp. 104–113

[47]

P.C. Kocher, J. Jaffe, B. Jun, Differential power analysis, in *Advances in Cryptology—CRYPTO’99* (1999), pp. 388–397

[48]

G. Kol, M. Naor, Cryptography and game theory: designing protocols for exchanging information, in

*Proceedings of the 5th Theory of Cryptography Conference* (2008), pp. 320–339

CrossRef[49]

H. Krawczyk, T. Rabin, Chameleon signatures, in *Proceedings of the Network and Distributed System Security Symposium (NDSS)* (2000)

[50]

A.B. Lewko, M. Lewko, B. Waters, How to leak on key updates, in *Proceedings of the 43rd Annaul ACM Symposium on Theory of Computing* (2011), pp. 725–734

[51]

V. Lyubashevsky, A. Palacio, G. Segev, Public-key cryptographic primitives provably as secure as subset sum, in

*Proceedings of the 7th Theory of Cryptography Conference* (2010), pp. 382–400

CrossRef[52]

T. Malkin, I. Teranishi, Y. Vahlis, M. Yung, Signatures resilient to continual leakage on memory and computation, in

*Proceedings of the 8th Theory of Cryptography Conference* (2011), pp. 89–106

CrossRef[53]

S. Micali, Computationally sound proofs.

*SIAM J. Comput.*
**30**(4), 1253–1298 (2000)

MathSciNetMATHCrossRef[54]

S. Micali, L. Reyzin, Physically observable cryptography, in

*Proceedings of the 1st Theory of Cryptography Conference* (2004), pp. 278–296

CrossRef[55]

M. Naor, G. Segev, Public-key cryptosystems resilient to key leakage, in *Advances in Cryptology—CRYPTO’09* (2009), pp. 18–35

[56]

M. Naor, M. Yung, Universal one-way hash functions and their cryptographic applications, in *Proceedings of the 21st Annual ACM Symposium on Theory of Computing* (1989), pp. 33–43

[57]

C. Peikert, V. Vaikuntanathan, B. Waters, A framework for efficient and composable oblivious transfer, in *Advances in Cryptology—CRYPTO’08* (2008), pp. 554–571

[58]

C. Peikert, B. Waters, Lossy trapdoor functions and their applications.

*SIAM J. Comput.*
**40**(6), 1803–1844 (2011)

MathSciNetMATHCrossRef[59]

K. Pietrzak, A leakage-resilient mode of operation, in *Advances in Cryptology—EUROCRYPT’09* (2009), pp. 462–482

[60]

J. Rompel, One-way functions are necessary and sufficient for secure signatures, in *Proceedings of the 22nd Annual ACM Symposium on Theory of Computing* (1990), pp. 387–394

[61]

H. Shacham, A Cramer–Shoup encryption scheme from the linear assumption and from progressively weaker linear variants. Cryptology ePrint Archive, Report 2007/074 (2007)

[62]

V. Shoup, Lower bounds for discrete logarithms and related problems, in *Advances in Cryptology—EUROCRYPT’97* (1997), pp. 256–266

[63]

Y. Tauman Kalai, B. Kanukurthi, A. Sahai, Cryptography with tamperable and leaky memory, in *Advances in Cryptology—CRYPTO’11* (2011), pp. 373–390

[64]

B. Waters, Efficient identity-based encryption without random oracles, in *Advances in Cryptology—EUROCRYPT’05* (2005), pp. 114–127