Universally composable security with global setup

Ran Canetti, Yevgeniy Dodis, Rafael Pass, Shabsi Walfish

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Cryptographic protocols are often designed and analyzed under some trusted set-up assumptions, namely in settings where the participants have access to global information that is trusted to have some basic security properties. However, current modeling of security in the presence of such set-up falls short of providing the expected security guarantees. A quintessential example of this phenomenon is the deniability concern: there exist natural protocols that meet the strongest known composable security notions, and are still vulnerable to bad interactions with rogue protocols that use the same set-up. We extend the notion of universally composable (UC) security in a way that re-establishes its original intuitive guarantee even for protocols that use globally available set-up. The new formulation prevents bad interactions even with adaptively chosen protocols that use the same set-up. In particular, it guarantees deniability. While for protocols that use no set-up the proposed requirements are the same as in traditional UC security, for protocols that use global set-up the proposed requirements are significantly stronger. In fact, realizing Zero Knowledge or commitment becomes provably impossible, even in the Common Reference String model. Still, we propose reasonable alternative set-up assumptions and protocols that allow realizing practically any cryptographic task under standard hardness assumptions even against adaptive corruptions.

Original languageEnglish (US)
Title of host publicationTheory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings
Pages61-85
Number of pages25
Volume4392 LNCS
StatePublished - 2007
Event4th Theory of Cryptography Conference, TCC 2OO7 - Amsterdam, Netherlands
Duration: Feb 21 2007Feb 24 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4392 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other4th Theory of Cryptography Conference, TCC 2OO7
CountryNetherlands
CityAmsterdam
Period2/21/072/24/07

Fingerprint

Access to Information
Hardness
Zero-knowledge
Cryptographic Protocols
Requirements
Interaction
Intuitive
Strings
Formulation
Alternatives

ASJC Scopus subject areas

  • Computer Science(all)
  • Biochemistry, Genetics and Molecular Biology(all)
  • Theoretical Computer Science

Cite this

Canetti, R., Dodis, Y., Pass, R., & Walfish, S. (2007). Universally composable security with global setup. In Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings (Vol. 4392 LNCS, pp. 61-85). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4392 LNCS).

Universally composable security with global setup. / Canetti, Ran; Dodis, Yevgeniy; Pass, Rafael; Walfish, Shabsi.

Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings. Vol. 4392 LNCS 2007. p. 61-85 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4392 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Canetti, R, Dodis, Y, Pass, R & Walfish, S 2007, Universally composable security with global setup. in Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings. vol. 4392 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4392 LNCS, pp. 61-85, 4th Theory of Cryptography Conference, TCC 2OO7, Amsterdam, Netherlands, 2/21/07.
Canetti R, Dodis Y, Pass R, Walfish S. Universally composable security with global setup. In Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings. Vol. 4392 LNCS. 2007. p. 61-85. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
Canetti, Ran ; Dodis, Yevgeniy ; Pass, Rafael ; Walfish, Shabsi. / Universally composable security with global setup. Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings. Vol. 4392 LNCS 2007. pp. 61-85 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{678334c1d217408db3225133833a66d8,
title = "Universally composable security with global setup",
abstract = "Cryptographic protocols are often designed and analyzed under some trusted set-up assumptions, namely in settings where the participants have access to global information that is trusted to have some basic security properties. However, current modeling of security in the presence of such set-up falls short of providing the expected security guarantees. A quintessential example of this phenomenon is the deniability concern: there exist natural protocols that meet the strongest known composable security notions, and are still vulnerable to bad interactions with rogue protocols that use the same set-up. We extend the notion of universally composable (UC) security in a way that re-establishes its original intuitive guarantee even for protocols that use globally available set-up. The new formulation prevents bad interactions even with adaptively chosen protocols that use the same set-up. In particular, it guarantees deniability. While for protocols that use no set-up the proposed requirements are the same as in traditional UC security, for protocols that use global set-up the proposed requirements are significantly stronger. In fact, realizing Zero Knowledge or commitment becomes provably impossible, even in the Common Reference String model. Still, we propose reasonable alternative set-up assumptions and protocols that allow realizing practically any cryptographic task under standard hardness assumptions even against adaptive corruptions.",
author = "Ran Canetti and Yevgeniy Dodis and Rafael Pass and Shabsi Walfish",
year = "2007",
language = "English (US)",
isbn = "9783540709350",
volume = "4392 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "61--85",
booktitle = "Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings",

}

TY - GEN

T1 - Universally composable security with global setup

AU - Canetti, Ran

AU - Dodis, Yevgeniy

AU - Pass, Rafael

AU - Walfish, Shabsi

PY - 2007

Y1 - 2007

N2 - Cryptographic protocols are often designed and analyzed under some trusted set-up assumptions, namely in settings where the participants have access to global information that is trusted to have some basic security properties. However, current modeling of security in the presence of such set-up falls short of providing the expected security guarantees. A quintessential example of this phenomenon is the deniability concern: there exist natural protocols that meet the strongest known composable security notions, and are still vulnerable to bad interactions with rogue protocols that use the same set-up. We extend the notion of universally composable (UC) security in a way that re-establishes its original intuitive guarantee even for protocols that use globally available set-up. The new formulation prevents bad interactions even with adaptively chosen protocols that use the same set-up. In particular, it guarantees deniability. While for protocols that use no set-up the proposed requirements are the same as in traditional UC security, for protocols that use global set-up the proposed requirements are significantly stronger. In fact, realizing Zero Knowledge or commitment becomes provably impossible, even in the Common Reference String model. Still, we propose reasonable alternative set-up assumptions and protocols that allow realizing practically any cryptographic task under standard hardness assumptions even against adaptive corruptions.

AB - Cryptographic protocols are often designed and analyzed under some trusted set-up assumptions, namely in settings where the participants have access to global information that is trusted to have some basic security properties. However, current modeling of security in the presence of such set-up falls short of providing the expected security guarantees. A quintessential example of this phenomenon is the deniability concern: there exist natural protocols that meet the strongest known composable security notions, and are still vulnerable to bad interactions with rogue protocols that use the same set-up. We extend the notion of universally composable (UC) security in a way that re-establishes its original intuitive guarantee even for protocols that use globally available set-up. The new formulation prevents bad interactions even with adaptively chosen protocols that use the same set-up. In particular, it guarantees deniability. While for protocols that use no set-up the proposed requirements are the same as in traditional UC security, for protocols that use global set-up the proposed requirements are significantly stronger. In fact, realizing Zero Knowledge or commitment becomes provably impossible, even in the Common Reference String model. Still, we propose reasonable alternative set-up assumptions and protocols that allow realizing practically any cryptographic task under standard hardness assumptions even against adaptive corruptions.

UR - http://www.scopus.com/inward/record.url?scp=38049064364&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38049064364&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:38049064364

SN - 9783540709350

VL - 4392 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 61

EP - 85

BT - Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings

ER -