| year | title | booktitle | pages |
|---|
| 1 | 2012 | Constant-Round Multi-party Private Set Union Using Reversed Laurent Series | pkc | 398-412 |
| 2 | 2012 | On the Security of the "Free-XOR" Technique | tcc | 39-53 |
| 3 | 2012 | Fair Computation with Rational Players | eurocrypt | 81-98 |
| 4 | 2012 | Collusion-Preserving Computation | crypto | 124-143 |
| 5 | 2011 | Constant-Round Private Function Evaluation with Linear Complexity | asiacrypt | 556-571 |
| 6 | 2011 | Round-Optimal Password-Based Authenticated Key Exchange | tcc | 293 |
| 7 | 2011 | Limits of Computational Differential Privacy in the Client/Server Setting | tcc | 417 |
| 8 | 2011 | Limits On The Power of Zero-Knowledge Proofs in Cryptographic Constructions | tcc | 559 |
| 9 | 2011 | Impossibility of Blind Signatures From One-Way Permutations | tcc | 615 |
| 10 | 2010 | A New Framework for Password-Based Authenticated Key Exchange | eprint | online |
| 11 | 2010 | A Group Signature Scheme from Lattice Assumptions | asiacrypt | 395-412 |
| 12 | 2010 | Robust Fuzzy Extractors and Authenticated Key Agreement from Close Secrets | eprint | online |
| 13 | 2010 | Efficient Rational Secret Sharing in Standard Communication Networks | tcc | 419-436 |
| 14 | 2010 | Secure Network Coding over the Integers | pkc | 142-160 |
| 15 | 2010 | Parallel and Concurrent Security of the HB and HB+ Protocols | jofc | 402-421 |
| 16 | 2010 | Cryptography Resilient to Continual Memory Leakage | eprint | online |
| 17 | 2010 | On Achieving the "Best of Both Worlds" in Secure Multiparty Computation | eprint | online |
| 18 | 2010 | Partial Fairness in Secure Two-Party Computation | eurocrypt | 157-176 |
| 19 | 2010 | One-Round Password-Based Authenticated Key Exchange | eprint | online |
| 20 | 2009 | Signing a Linear Subspace: Signature Schemes for Network Coding | pkc | 68-87 |
| 21 | 2009 | Attacking Cryptographic Schemes Based on "Perturbation Polynomials" | eprint | online |
| 22 | 2009 | Smooth Projective Hashing and Password-Based Authenticated Key Exchange from Lattices | asiacrypt | 636-652 |
| 23 | 2009 | Collusion-Free Multiparty Computation in the Mediated Model | crypto | 524-540 |
| 24 | 2009 | Proofs of Storage from Homomorphic Identification Protocols | asiacrypt | 319-333 |
| 25 | 2009 | Signature Schemes with Bounded Leakage Resilience | asiacrypt | 703-720 |
| 26 | 2009 | On Black-Box Constructions of Predicate Encryption from Trapdoor Permutations | asiacrypt | 197-213 |
| 27 | 2009 | Reducing Complexity Assumptions for Statistically-Hiding Commitment | jofc | 283-310 |
| 28 | 2009 | Ring Signatures: Stronger Definitions, and Constructions without Random Oracles | jofc | 114-138 |
| 29 | 2009 | Composability and On-Line Deniability of Authentication | tcc | 146-162 |
| 30 | 2009 | Complete Fairness in Multi-party Computation without an Honest Majority | tcc | 19-35 |
| 31 | 2008 | Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs | jofc | 303-349 |
| 32 | 2008 | Bridging Game Theory and Cryptography: Recent Results and Future Directions | tcc | 251-272 |
| 33 | 2008 | How to Encrypt with a Malicious Random Number Generator | fse | online |
| 34 | 2008 | Which Languages Have 4-Round Zero-Knowledge Proofs? | tcc | 73-88 |
| 35 | 2008 | Universally Composable Multi-party Computation with an Unreliable Common Reference String | tcc | 142-154 |
| 36 | 2008 | Complete Fairness in Secure Two-Party Computation | eprint | online |
| 37 | 2008 | Compact Signatures for Network Coding | eprint | online |
| 38 | 2008 | Efficient Rational Secret Sharing in the Standard Communication Model | eprint | online |
| 39 | 2008 | Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products | eurocrypt | 146-162 |
| 40 | 2008 | Collusion-Free Multiparty Computation in the Mediated Model | eprint | online |
| 41 | 2008 | Signing a Linear Subspace: Signature Schemes for Network Coding | eprint | online |
| 42 | 2008 | Partial Fairness in Secure Two-Party Computation | eprint | online |
| 43 | 2007 | Universally Composable Multi-party Computation Using Tamper-Proof Hardware | eurocrypt | 115-128 |
| 44 | 2007 | Improving the Round Complexity of 'Round-Optimal' VSS | eprint | online |
| 45 | 2007 | Concurrently-Secure Blind Signatures Without Random Oracles or Setup Assumptions | tcc | 323-341 |
| 46 | 2007 | Round-Efficient Secure Computation in Point-to-Point Networks | eurocrypt | 311-328 |
| 47 | 2007 | Universally Composable Multi-Party Computation with an Unreliable Common Reference String | eprint | online |
| 48 | 2007 | Universally-Composable Two-Party Computation in Two Rounds | crypto | 111-129 |
| 49 | 2007 | Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products | eprint | online |
| 50 | 2007 | Which Languages Have 4-Round Zero-Knowledge Proofs? | eprint | online |
| 51 | 2007 | Scalable Protocols for Authenticated Group Key Exchange | jofc | 85-113 |
| 52 | 2007 | A Forward-Secure Public-Key Encryption Scheme | jofc | 265-294 |
| 53 | 2006 | Ring Signatures: Stronger Definitions, and Constructions Without Random Oracles | tcc | online |
| 54 | 2006 | On Expected Constant-Round Protocols for Byzantine Agreement | eprint | online |
| 55 | 2006 | Analyzing the HB and HB+ Protocols in the ``Large Error'' Case | eprint | online |
| 56 | 2006 | Robust Fuzzy Extractors and Authenticated Key Agreement from Close Secrets | crypto | online |
| 57 | 2006 | On Expected Constant-Round Protocols for Byzantine Agreement | crypto | online |
| 58 | 2006 | Characterization of Security Notions for Probabilistic Private-Key Encryption | jofc | 67-95 |
| 59 | 2006 | Rational Secret Sharing, Revisited | eprint | online |
| 60 | 2006 | Parallel and Concurrent Security of the HB and HB+ Protocols | eurocrypt | online |
| 61 | 2006 | On Achieving the ''Best of Both Worlds'' in Secure Multiparty Computation | eprint | online |
| 62 | 2005 | Adaptively-Secure, Non-interactive Public-Key Encryption | tcc | online |
| 63 | 2005 | Secure Remote Authentication Using Biometric Data | eurocrypt | online |
| 64 | 2005 | Chosen-Ciphertext Security of Multiple Encryption | tcc | online |
| 65 | 2005 | Ring Signatures: Stronger Definitions, and Constructions without Random Oracles | eprint | online |
| 66 | 2005 | Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs | tcc | online |
| 67 | 2005 | On Constructing Universal One-Way Hash Functions from Arbitrary One-Way Functions | eprint | online |
| 68 | 2005 | Reducing Complexity Assumptions for Statistically-Hiding Commitment | eurocrypt | online |
| 69 | 2005 | Universally Composable Password-Based Key Exchange | eurocrypt | online |
| 70 | 2005 | Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs | eprint | online |
| 71 | 2005 | Modeling Insider Attacks on Group Key-Exchange Protocols | eprint | online |
| 72 | 2005 | Universally Composable Password-Based Key Exchange | eprint | online |
| 73 | 2005 | Parallel and Concurrent Security of the HB and HB+ Protocols | eprint | online |
| 74 | 2004 | Reducing Complexity Assumptions for Statistically-Hiding Commitment | eprint | online |
| 75 | 2004 | Chosen-Ciphertext Security from Identity-Based Encryption | eurocrypt | online |
| 76 | 2004 | Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption | eprint | online |
| 77 | 2004 | Round-Optimal Secure Two-Party Computation | crypto | online |
| 78 | 2004 | Adaptively-Secure, Non-Interactive Public-Key Encryption | eprint | online |
| 79 | 2003 | A Forward-Secure Public-Key Encryption Scheme | eprint | online |
| 80 | 2003 | Scalable Protocols for Authenticated Group Key Exchange | eprint | online |
| 81 | 2003 | Chosen-Ciphertext Security from Identity-Based Encryption | eprint | online |
| 82 | 2003 | Efficient and Non-malleable Proofs of Plaintext Knowledge and Applications | eurocrypt | online |
| 83 | 2003 | Round Efficiency of Multi-party Computation with a Dishonest Majority | eurocrypt | online |
| 84 | 2003 | A Forward-Secure Public-Key Encryption Scheme | eurocrypt | online |
| 85 | 2003 | Scalable Protocols for Authenticated Group Key Exchange | crypto | online |
| 86 | 2003 | Strong Key-Insulated Signature Schemes | pkc | 130-144 |
| 87 | 2002 | Efficient and Non-Malleable Proofs of Plaintext Knowledge and Applications | eprint | online |
| 88 | 2002 | A Forward-Secure Public-Key Encryption Scheme | eprint | online |
| 89 | 2002 | Key-Insulated Public-Key Cryptosystems | eprint | online |
| 90 | 2002 | Threshold Cryptosystems Based on Factoring | asiacrypt | online |
| 91 | 2002 | Key-Insulated Public Key Cryptosystems | eurocrypt | online |
| 92 | 2001 | Incremental Unforgeable Encryption | fse | 109-124 |
| 93 | 2001 | Cryptographic Counters and Applications to Electronic Voting | eurocrypt | 78-92 |
| 94 | 2001 | Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords | eurocrypt | 475-494 |
| 95 | 2001 | Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords | eprint | online |
| 96 | 2001 | Efficient and Non-Interactive Non-Malleable Commitment | eprint | online |
| 97 | 2001 | Efficient and Non-interactive Non-malleable Commitment | eurocrypt | 40-59 |
| 98 | 2001 | Threshold Cryptosystems Based on Factoring | eprint | online |
| 99 | 2000 | Unforgeable Encryption and Chosen Ciphertext Secure Modes of Operation | fse | 284-299 |
