DOCSLIB.ORG

How to Play Mental Poker Keeping -Secret All Partial Information

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Probabilistic Encryption & How To Play Mental Poker Keeping Secret All Partial Information Shaft Goldwasser * and Silvio Micali ** Computer Science Department University of California - Berkeley I. Introduction We would like to point out two basic weaknesses of this approach: This paper proposes an Encryption Scheme 1) The fact that f is a trapdoor function does that possess the following property: not rule out the possibility of computing x An adversary, who knows the encryption from ff (x) when x is of a special form. algorithm and is given the cyphertext, can- Usually messages do not consist of numbers not obtain any information about the clear- chosen at random but possess more struc- text. ture. Such structural information may help Any implementation of a Public Key Cryptosys- in decoding. For example, a function f, tem, as proposed by Diffie and Hellman in [8], which is hard to invert on a generic input, should possess this property. could conceivably be easy to invert on the ASCII representations of English sentences. Our Encryption Scheme follows the ideas in 2) The fact that f is a trapdoor function does the number theoretic implementations of a not rule out the possibility of easily com- Public Key Cryptosystem due to Rivest, Shamir puting some partial information about z and Adleman [13], and Rabin [12]. (even every other bit of x) from f (z). The danger in the case that z is the ASCII Security is based on Complexity Theory and representation of an English sentence is the intractability of some problems in number self evident. Encrypting messages in a way theory such as factoring, index finding and that ensures the secrecy of all partial infor- deciding whether numbers are quadratic resi- mation is an extremely important goal in dues with respect to composite mvduli is Cryptography. The importance of this point assumed. In this context, impossibility means of view is particularly apparent if we want computational infeasibility and proving that a to use encryption to play card games over problem is hard means to show it equivalent to the telephone. If the suit or color of a card one of the above mentioned problems. could be compromised the whole game could be invalid. The key idea in both the RSA scheme and the Rabin scheme is the selection of an Though no one knows how to break the RSA or appropriate trapdoor function; an easy to the Rabin scheme, in none of these schemes is evaluate function f such that x is not easily it proved that decoding is hard without any computable from f(x), unless some extra assumptions made on the message space. Rabin information is known. To encrypt a message shows that, in his scheme, decoding is hard for m, one simply evaluates f (m). an adversary if the set of possible messages has some density property. The novelty of our contribution consists of Thin research was supported by * NSF Grant MCS-79-037667 1. The notion of Trapdoor Functions is ** fellowship from Consiglio Nazionale delle Ricerche - replaced by Probabilistic Encryption. To Italy and in part by NSF Grant MCS-79-037667 encrypt each message we make use of a fair coin. The encoding of each message will depend on the message plus the result of a Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct sequence of coin tosses. Consequently, commercial advantage, the ACM copyright notice and the title of the there are many possible encodings for each publication and its date appear, and notice is given that copying is by message, llowever, messages are always permission of the Association for Computing Machinery. To copy uniquely decodable.~ otherwise, or to republish, requires a fee and/or specific permission. IProbabilistic Encryption is completely different from the technique of apl~eDcling random bits to a message as © 1982 ACM0-89791-067-2/82/005/0365 $00.75 suggested in U?.] and [16]. 365 2. Decoding is easy for the legal receiver of a ingenious paper [8]. Let M be a finite message message, but provably hard for an adver- space, A, B,... be users, and let m e M denote a sary. Therefore the spirit of a trapdoor message. Let EA:M~M be A's encryption func- function is maintained. In addition, in our tion, which is ideally bijective, and D A be A's scheme, without imposing any restrictions decryption function such that DA(EA(m)) = m on the message space, we can prove that for all m e M. In a Public Key Cryptosystem E A decoding is equivalent to deciding qua- is placed in a public file, and user A keeps DA dratic residuosity modulo composite private. D A should be difficult to compute numbers. knowing only E A. To send message m to A, B takes E A from the public file, computes EA(m ) 3. No Partial Information about an encrypted and sends this message to A. A easily computes message could be obtained by an adver- DA(EA(m)) to obtain m. sary. Assume that the message space has an associated probability distribution and that, with respect to this distribution, an 2.2 The RSA scheme and the Rabin scheme easy to compute predicate P (such as "the The two implementations of a Public Key exclusive or of all the bits in the message is Cryptosystem most relevant and inspiring for 1") has probability p to be true. Let p ~ .5 this paper are the RSA scheme [13], due to without any loss of generality. Then, Rivest, Shamir and Adleman, and its particular- without any special ability, an adversary, ization suggested by Rabin [ 12]. given the cyphertext~ can always guess that P is true for the cleartext, and be The key idea in both the RSA scheme and correct with probabilityp. the Rabin scheme consists in the selection of an appropriate number theoretic trapdoor Based on the assumption that deciding qua- function. In the RSA scheme, user A selects/,~, dratic residuosity modulo composite the product of two large primes p I and p 2 and a numbers is hard, we prove that an adver- number s such that s and 9(N) are relatively sary cannot guess correctly with probabil- prime , where ~ is the Euler totient function. A ity p+e,from the cyphertext, whether the puts N and s in a public file and keeps the fac- cleartext satisfies the predicate P, where e torization of N private. Let ZN'= ~ z I is a non negligible positive real number. i ~ z ~ N-i and z and N are relatively primel. For every message m eZN', EA(rn)=m s mod Probabilistic Encryption has been useful for the N. Clearly, the ability to take s th roots rood N solution of Mental Poker. The problem whether implies the ability to decode. A, who knows the it is possible to play a "fair" game of Mental factorization of N, can easily take s th roots mod Poker has been raised by Robert Floyd. N. No efficient way to take sth roots rood Nis Shamir, Rivest and Adleman proposed an known when the factorlzation of N is unknown. elegant solution to this problem in [14] using commutative encryption functions, but they About the RSA scheme aabin remarks that, could not prove that partial information could for all we know, inverting the function z ~ rood not be compromised using their scheme. N may be a hard problem in general, and yet Indeed, several problems in the implementa- easy for a large percentage of the z's. tion of their scheme have been pointed out by He suggests to modify the RSA scheme by Lipton in [ 10]. choosing s=2. Thus, for all users A, EA(Z ) = z 2 rood N. Notice that E A is a 4-1 function because We present a solution for Mental Poker, for our N is the product of two primes. In fact, which we can prove, based on the assumption every quadratic residue rood N, i.e every q that factoring and deciding quadratic such that q~z 2 mod N for some z eZN', has residuosity modulo composite numbers is hard, four square roots mod N: ±z mod N and ±y that not a single bit of information about a card rood N. As A knows the factorization of N, upon which should remain hidden can be discovered. receiving the encrypted message m 2 mod N, he Our solution does not use commutative encryp- could compute its four square roots and get the tion functions. message rn. The ambiguity in decoding could be eliminated, for example, by sending the first 2. The ,Security of a Public Key Cryptosystem. 20 digits of rn in addition to m 2 rood N. Such All the number theoretic notation used in extra information cannot effectively help in this section will be defined in section 3.1. decoding: we could always guess the first 20 digits of m. 2.1 What is a Public Key Cryptosystem? The following theorem shows how hard is it The concept of a Public Key Cryptosystem to invert Rabin's function z 2 mod N. was introduced by Diffie and Hellman in their Theorem (Rabin): If for i~ of the q's quadratic 366 residues mod N one could find one square root in ZN*, the ability to decode 1% of all messages of q, then one could factor N in Random Poly- does not yield a random polynomial time algo- nomial Time. rithm for factoring. The theorem follows from the following By "sparse" we mean that for a randomly lemma that we state without proof.
Recommended publications
  • Tarjan Transcript Final with Timestamps

    Tarjan Transcript Final with Timestamps

    A.M. Turing Award Oral History Interview with Robert (Bob) Endre Tarjan by Roy Levin San Mateo, California July 12, 2017 Levin: My name is Roy Levin. Today is July 12th, 2017, and I’m in San Mateo, California at the home of Robert Tarjan, where I’ll be interviewing him for the ACM Turing Award Winners project. Good afternoon, Bob, and thanks for spending the time to talk to me today. Tarjan: You’re welcome. Levin: I’d like to start by talking about your early technical interests and where they came from. When do you first recall being interested in what we might call technical things? Tarjan: Well, the first thing I would say in that direction is my mom took me to the public library in Pomona, where I grew up, which opened up a huge world to me. I started reading science fiction books and stories. Originally, I wanted to be the first person on Mars, that was what I was thinking, and I got interested in astronomy, started reading a lot of science stuff. I got to junior high school and I had an amazing math teacher. His name was Mr. Wall. I had him two years, in the eighth and ninth grade. He was teaching the New Math to us before there was such a thing as “New Math.” He taught us Peano’s axioms and things like that. It was a wonderful thing for a kid like me who was really excited about science and mathematics and so on. The other thing that happened was I discovered Scientific American in the public library and started reading Martin Gardner’s columns on mathematical games and was completely fascinated.
  • 1. Course Information Are Handed Out

    1. Course Information Are Handed Out

    6.826—Principles of Computer Systems 2006 6.826—Principles of Computer Systems 2006 course secretary's desk. They normally cover the material discussed in class during the week they 1. Course Information are handed out. Delayed submission of the solutions will be penalized, and no solutions will be accepted after Thursday 5:00PM. Students in the class will be asked to help grade the problem sets. Each week a team of students Staff will work with the TA to grade the week’s problems. This takes about 3-4 hours. Each student will probably only have to do it once during the term. Faculty We will try to return the graded problem sets, with solutions, within a week after their due date. Butler Lampson 32-G924 425-703-5925 [email protected] Policy on collaboration Daniel Jackson 32-G704 8-8471 [email protected] We encourage discussion of the issues in the lectures, readings, and problem sets. However, if Teaching Assistant you collaborate on problem sets, you must tell us who your collaborators are. And in any case, you must write up all solutions on your own. David Shin [email protected] Project Course Secretary During the last half of the course there is a project in which students will work in groups of three Maria Rebelo 32-G715 3-5895 [email protected] or so to apply the methods of the course to their own research projects. Each group will pick a Office Hours real system, preferably one that some member of the group is actually working on but possibly one from a published paper or from someone else’s research, and write: Messrs.
  • MODELING and ANALYSIS of MOBILE TELEPHONY PROTOCOLS by Chunyu Tang a DISSERTATION Submitted to the Faculty of the Stevens Instit

    MODELING and ANALYSIS of MOBILE TELEPHONY PROTOCOLS by Chunyu Tang a DISSERTATION Submitted to the Faculty of the Stevens Instit

    MODELING AND ANALYSIS OF MOBILE TELEPHONY PROTOCOLS by Chunyu Tang A DISSERTATION Submitted to the Faculty of the Stevens Institute of Technology in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY Chunyu Tang, Candidate ADVISORY COMMITTEE David A. Naumann, Chairman Date Yingying Chen Date Daniel Duchamp Date Susanne Wetzel Date STEVENS INSTITUTE OF TECHNOLOGY Castle Point on Hudson Hoboken, NJ 07030 2013 c 2013, Chunyu Tang. All rights reserved. iii MODELING AND ANALYSIS OF MOBILE TELEPHONY PROTOCOLS ABSTRACT The GSM (2G), UMTS (3G), and LTE (4G) mobile telephony protocols are all in active use, giving rise to a number of interoperation situations. This poses serious challenges in ensuring authentication and other security properties. Analyzing the security of all possible interoperation scenarios by hand is, at best, tedious under- taking. Model checking techniques provide an effective way to automatically find vulnerabilities in or to prove the security properties of security protocols. Although the specifications address the interoperation cases between GSM and UMTS and the switching and mapping of established security context between LTE and previous technologies, there is not a comprehensive specification of which are the possible interoperation cases. Nor is there comprehensive specification of the procedures to establish security context (authentication and short-term keys) in the various interoperation scenarios. We systematically enumerate the cases, classifying them as allowed, disallowed, or uncertain with rationale based on detailed analysis of the specifications. We identify the authentication and key agreement procedure for each of the possible cases. We formally model the pure GSM, UMTS, LTE authentication protocols, as well as all the interoperation scenarios; we analyze their security, in the symbolic model of cryptography, using the tool ProVerif.
  • Department of Computer Science

    Department of Computer Science

    i cl i ck ! MAGAZINE click MAGAZINE 2014, VOLUME II FIVE DECADES AS A DEPARTMENT. THOUSANDS OF REMARKABLE GRADUATES. 50COUNTLESS INNOVATIONS. Department of Computer Science click! Magazine is produced twice yearly for the friends of got your CS swag? CS @ ILLINOIS to showcase the innovations of our faculty and Commemorative 50-10 Anniversary students, the accomplishments of our alumni, and to inspire our t-shirts are available! partners and peers in the field of computer science. Department Head: Editorial Board: Rob A. Rutenbar Tom Moone Colin Robertson Associate Department Heads: Rob A. Rutenbar shop now! my.cs.illinois.edu/buy Gerald DeJong Michelle Wellens Jeff Erickson David Forsyth Writers: David Cunningham CS Alumni Advisory Board: Elizabeth Innes Alex R. Bratton (BS CE ’93) Mike Koon Ira R. Cohen (BS CS ’81) Rick Kubetz Vilas S. Dhar (BS CS ’04, BS LAS BioE ’04) Leanne Lucas William M. Dunn (BS CS ‘86, MS ‘87) Tom Moone Mary Jane Irwin (MS CS ’75, PhD ’77) Michelle Rice Jennifer A. Mozen (MS CS ’97) Colin Robertson Daniel L. Peterson (BS CS ’05) Laura Schmitt Peter L. Tannenwald (BS LAS Math & CS ’85) Michelle Wellens Jill C. Zmaczinsky (BS CS ’00) Design: Contact us: SURFACE 51 [email protected] 217-333-3426 Machines take me by surprise with great frequency. Alan Turing 2 CS @ ILLINOIS Department of Computer Science College of Engineering, College of Liberal Arts & Sciences University of Illinois at Urbana-Champaign shop now! my.cs.illinois.edu/buy click i MAGAZINE 2014, VOLUME II 2 Letter from the Head 4 ALUMNI NEWS 4 Alumni
  • Lipics-ISAAC-2020-42.Pdf (0.5

    Lipics-ISAAC-2020-42.Pdf (0.5

    Multiparty Selection Ke Chen Department of Computer Science, University of Wisconsin–Milwaukee, WI, USA [email protected] Adrian Dumitrescu Department of Computer Science, University of Wisconsin–Milwaukee, WI, USA [email protected] Abstract Given a sequence A of n numbers and an integer (target) parameter 1 ≤ i ≤ n, the (exact) selection problem is that of finding the i-th smallest element in A. An element is said to be (i, j)-mediocre if it is neither among the top i nor among the bottom j elements of S. The approximate selection problem is that of finding an (i, j)-mediocre element for some given i, j; as such, this variant allows the algorithm to return any element in a prescribed range. In the first part, we revisit the selection problem in the two-party model introduced by Andrew Yao (1979) and then extend our study of exact selection to the multiparty model. In the second part, we deduce some communication complexity benefits that arise in approximate selection. In particular, we present a deterministic protocol for finding an approximate median among k players. 2012 ACM Subject Classification Theory of computation Keywords and phrases approximate selection, mediocre element, comparison algorithm, i-th order statistic, tournaments, quantiles, communication complexity Digital Object Identifier 10.4230/LIPIcs.ISAAC.2020.42 1 Introduction Given a sequence A of n numbers and an integer (selection) parameter 1 ≤ i ≤ n, the selection problem asks to find the i-th smallest element in A. If the n elements are distinct, the i-th smallest is larger than i − 1 elements of A and smaller than the other n − i elements of A.
  • A Fast Mental Poker Protocol

    A Fast Mental Poker Protocol

    J. Math. Cryptol. 6 (2012), 39–68 DOI 10.1515/jmc-2012-0004 © de Gruyter 2012 A fast mental poker protocol Tzer-jen Wei and Lih-Chung Wang Communicated by Kwangjo Kim Abstract. In this paper, we present a fast and secure mental poker protocol. The basic structure is the same as Barnett & Smart’s and Castellà-Roca’s protocols but our encryp- tion scheme is different. With this alternative encryption scheme, our shuffle is not only twice as fast, but it also has different security properties. As such, Barnett & Smart’s and Castellà-Roca’s security proof cannot be applied to our protocol directly. Nevertheless, our protocol is still provably secure under the DDH assumption. The only weak point of our protocol is that reshuffling a small subset of cards might take longer than Barnett & Smart’s and Castellà-Roca’s protocols. Therefore, our protocol is more suitable for card games such as bridge, most poker games, mahjong, hearts, or black jack, which do not require much partial reshuffling. Keywords. Mental poker, DDH assumption. 2010 Mathematics Subject Classification. 94A60, 68M12. 1 Introduction 1.1 Mental poker Mental poker is the study of protocols that allow players to play fair poker games over the net without a trusted third party. There are very few assumptions about the behavior of adversaries in mental poker. Adversaries are typically allowed to have a coalition of any size and can conduct active attacks. The main challenge is to design a secure mental poker protocol that is fast enough for practical needs. Numerous mental poker protocols have been proposed ([4,5,10–12,17,18,20,25,26,28,30,34–36]) and many of them are provably secure, but all commercial online poker rooms are still based on client-server architec- tures.
  • Protocols for Secure Computations (Extended Abstract)

    Protocols for Secure Computations (Extended Abstract)

    Protocols for Secure Computations (extended abstract) Andrew C. Yao University of California Berkeley, California 94720 1 Introduction without a precise model it would be hard to answer a Two millionaires wish to know who is richer; however, question such as “Is it possible for three mutually sus- they do not want to find out inadvertently any additional pecting parties to interactively generate a bit with bias information about each other’s wealth. How can they 1/e ?” carry out such a conversation? In response to this need, we propose to adopt the fol- This is a special case of the following general prob- lowing view. Two parties Alice and Bob, in possession lem. Suppose m people wish to compute the value of a of private variables i and j respectively, wish to commu- nicate so that Alice can evaluate a function f(i, j), and function f(x1, x2, x3, . , xm), which is an integer-valued Bob a function g(i, j). There may be some eavesdrop- function of m integer variables xi of bounded range. As- pers or saboteurs on the communication line. The pur- sume initially person Pi knows the value of xi and no other x’s. Is it possible for them to compute the value of pose of a protocol would be to design an algorithm for f, by communicating among themselves, without unduly Alice and Bob to follow, such that certain security con- giving away any information about the values of their own straints (against saboteur) and privacy constraints (Alice variables? The millionaires’ problem corresponds to the may not wish to reveal the exact value of i) can be satis- fied.
  • Contributions to Mental Poker

    Contributions to Mental Poker

    Contributions to Mental Poker Submitted to Universitat Autonoma` de Barcelona in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science by Jordi Castell`a-Roca May 2005 c Copyright 2005 by Jordi Castell`a-Roca Abstract Computer networks and especially the Internet have allowed some common activities such as shopping or gambling to become remote (e-shopping and e-gambling). The poker game played over a network is known as mental poker. The problem with mental poker is the difficulty of keeping it practical while guaranteeing the same standards of security, fairness and auditability offered by standard casinos for physical poker. The important aspects to take into account when designing mental poker protocols are: functionality, security, and computational and communication cost. Proposals in the literature usually focus on the first two items only. This makes comparisons difficult. This thesis starts with a formal cost analysis of the main proposals in the literature. The analysis is not limited to costs, though; security is also analyzed and, in fact, our study detected a fundamental weakness in one of the compared mental poker protocols. The attack is presented in a separate chapter after the global comparative analysis. The three following chapters of this thesis present three new protocols that enhance the proposals in the literature in different ways. The first proposal belongs to the family of TTP-free protocols and does not preserve the confidentiality of player strategies; it reduces the computational cost by avoiding the use of zero- knowledge proofs. The second proposal is TTP-free, preserves the confidentiality of player strategies and reduces the computational cost by requiring players to perform less mathematical operations.
  • Expander Flows, Geometric Embeddings and Graph Partitioning

    Expander Flows, Geometric Embeddings and Graph Partitioning

    Expander Flows, Geometric Embeddings and Graph Partitioning SANJEEV ARORA Princeton University SATISH RAO and UMESH VAZIRANI UC Berkeley We give a O(√log n)-approximation algorithm for the sparsest cut, edge expansion, balanced separator,andgraph conductance problems. This improves the O(log n)-approximation of Leighton and Rao (1988). We use a well-known semidefinite relaxation with triangle inequality constraints. Central to our analysis is a geometric theorem about projections of point sets in d, whose proof makes essential use of a phenomenon called measure concentration. We also describe an interesting and natural “approximate certificate” for a graph’s expansion, which involves embedding an n-node expander in it with appropriate dilation and congestion. We call this an expander flow. Categories and Subject Descriptors: F.2.2 [Theory of Computation]: Analysis of Algorithms and Problem Complexity; G.2.2 [Mathematics of Computing]: Discrete Mathematics and Graph Algorithms General Terms: Algorithms,Theory Additional Key Words and Phrases: Graph Partitioning,semidefinite programs,graph separa- tors,multicommodity flows,expansion,expanders 1. INTRODUCTION Partitioning a graph into two (or more) large pieces while minimizing the size of the “interface” between them is a fundamental combinatorial problem. Graph partitions or separators are central objects of study in the theory of Markov chains, geometric embeddings and are a natural algorithmic primitive in numerous settings, including clustering, divide and conquer approaches, PRAM emulation, VLSI layout, and packet routing in distributed networks. Since finding optimal separators is NP-hard, one is forced to settle for approximation algorithms (see Shmoys [1995]). Here we give new approximation algorithms for some of the important problems in this class.
  • The Growth of Cryptography

    The Growth of Cryptography

    The growth of cryptography Ronald L. Rivest Viterbi Professor of EECS MIT, Cambridge, MA James R. Killian Jr. Faculty Achievement Award Lecture February 8, 2011 Outline Some pre-1976 context Invention of Public-Key Crypto and RSA Early steps The cryptography business Crypto policy Attacks More New Directions What Next? Conclusion and Acknowledgments Outline Some pre-1976 context Invention of Public-Key Crypto and RSA Early steps The cryptography business Crypto policy Attacks More New Directions What Next? Conclusion and Acknowledgments The greatest common divisor of two numbers is easily computed (using “Euclid’s Algorithm”): gcd(12; 30) = 6 Euclid – 300 B.C. There are infinitely many primes: 2, 3, 5, 7, 11, 13, . Euclid – 300 B.C. There are infinitely many primes: 2, 3, 5, 7, 11, 13, . The greatest common divisor of two numbers is easily computed (using “Euclid’s Algorithm”): gcd(12; 30) = 6 Greek Cryptography – The Scytale An unknown period (the circumference of the scytale) is the secret key, shared by sender and receiver. Euler’s Theorem (1736): If gcd(a; n) = 1, then aφ(n) = 1 (mod n) ; where φ(n) = # of x < n such that gcd(x; n) = 1. Pierre de Fermat (1601-1665) Leonhard Euler (1707–1783) Fermat’s Little Theorem (1640): For any prime p and any a, 1 ≤ a < p: ap−1 = 1 (mod p) Pierre de Fermat (1601-1665) Leonhard Euler (1707–1783) Fermat’s Little Theorem (1640): For any prime p and any a, 1 ≤ a < p: ap−1 = 1 (mod p) Euler’s Theorem (1736): If gcd(a; n) = 1, then aφ(n) = 1 (mod n) ; where φ(n) = # of x < n such that gcd(x; n) = 1.
  • The RSA Algorithm

    The RSA Algorithm

    The RSA Algorithm Evgeny Milanov 3 June 2009 In 1978, Ron Rivest, Adi Shamir, and Leonard Adleman introduced a cryptographic algorithm, which was essentially to replace the less secure National Bureau of Standards (NBS) algorithm. Most impor- tantly, RSA implements a public-key cryptosystem, as well as digital signatures. RSA is motivated by the published works of Diffie and Hellman from several years before, who described the idea of such an algorithm, but never truly developed it. Introduced at the time when the era of electronic email was expected to soon arise, RSA implemented two important ideas: 1. Public-key encryption. This idea omits the need for a \courier" to deliver keys to recipients over another secure channel before transmitting the originally-intended message. In RSA, encryption keys are public, while the decryption keys are not, so only the person with the correct decryption key can decipher an encrypted message. Everyone has their own encryption and decryption keys. The keys must be made in such a way that the decryption key may not be easily deduced from the public encryption key. 2. Digital signatures. The receiver may need to verify that a transmitted message actually origi- nated from the sender (signature), and didn't just come from there (authentication). This is done using the sender's decryption key, and the signature can later be verified by anyone, using the corresponding public encryption key. Signatures therefore cannot be forged. Also, no signer can later deny having signed the message. This is not only useful for electronic mail, but for other electronic transactions and transmissions, such as fund transfers.
  • A Library of Graph Algorithms and Supporting Data Structures

    A Library of Graph Algorithms and Supporting Data Structures

    Washington University in St. Louis Washington University Open Scholarship All Computer Science and Engineering Research Computer Science and Engineering Report Number: WUCSE-2015-001 2015-01-19 Grafalgo - A Library of Graph Algorithms and Supporting Data Structures Jonathan Turner This report provides an overview of Grafalgo, an open-source library of graph algorithms and the data structures used to implement them. The programs in this library were originally written to support a graduate class in advanced data structures and algorithms at Washington University. Because the code's primary purpose was pedagogical, it was written to be as straightforward as possible, while still being highly efficient. afalgoGr is implemented in C++ and incorporates some features of C++11. The library is available on an open-source basis and may be downloaded from https://code.google.com/p/grafalgo/. Source code documentation is at www.arl.wustl.edu/~jst/doc/grafalgo. While not designed as... Read complete abstract on page 2. Follow this and additional works at: https://openscholarship.wustl.edu/cse_research Part of the Computer Engineering Commons, and the Computer Sciences Commons Recommended Citation Turner, Jonathan, "Grafalgo - A Library of Graph Algorithms and Supporting Data Structures" Report Number: WUCSE-2015-001 (2015). All Computer Science and Engineering Research. https://openscholarship.wustl.edu/cse_research/242 Department of Computer Science & Engineering - Washington University in St. Louis Campus Box 1045 - St. Louis, MO - 63130 - ph: (314) 935-6160. This technical report is available at Washington University Open Scholarship: https://openscholarship.wustl.edu/ cse_research/242 Grafalgo - A Library of Graph Algorithms and Supporting Data Structures Jonathan Turner Complete Abstract: This report provides an overview of Grafalgo, an open-source library of graph algorithms and the data structures used to implement them.