Inspired by [[Mark Zhandry]]'s TCC'23 paper [[Multi-Instance Randomness Extraction and Security against Bounded-Storage Mass Surveillance]]; apparently you can use [[Non-Committing Encryption]] pretty much directly when modelling mass surveillance. That paper seems completely disconnected from our part of the community, as it cites neither Nielsen, Bellare et al., or Auerbach et al., but given our (my) expertise on these security notions it does seem worth writing something about. Compare different multi-instance models of mass surveillance? Apply our systematization? What do multi-instance notions of [[Selective Opening Attacks]] look like? ### Neste steg - [ ] 🎓 Finn ut om det er noe interessant å utforske her