Topics
- Definition of CI hash functions.
- Existence in the ROM and simple counter example in the plain model.
- Positive results for CI in the plain model from LWE (implies first NIZK from LWE)
Readings
R. Canetti, A. Lombardi, and D. Wichs, “Fiat-Shamir: From Practice to Theory, Part II NIZK and Correlation Intractability from Circular-Secure FHE (PDF).” STOC 2019: Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing, 1082–1090.
Homework
Problem set for 6.5630 (PDF), due in two weeks.
