Public-Key Encryption in the Bounded-Retrieval Model

   Abstract