A simpler variant of universally composable security for standard multiparty computation

Ran Canetti, Asaf Cohen, Yehuda Lindell

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

48 Scopus citations

Abstract

In this paper, we present a simpler and more restricted variant of the universally composable security (UC) framework that is suitable for “standard” two-party and multiparty computation tasks. Many of the complications of the UC framework exist in order to enable more general tasks than classic secure computation. This generality may be a barrier to entry for those who are used to the stand-alone model of secure computation and wish to work with universally composable security but are overwhelmed by the differences. The variant presented here (called simplified universally composable security, or just SUC) is closer to the definition of security for multiparty computation in the stand-alone setting. The main difference is that a protocol in the SUC framework runs with a fixed set of parties, and machines cannot be added dynamically to the execution. As a result, the definitions of polynomial time and protocol composition are much simpler. In addition, the SUC framework has authenticated channels built in, as is standard in previous definitions of security, and all communication is done via the adversary in order to enable arbitrary scheduling of messages. Due to these differences, not all cryptographic tasks can be expressed in the SUC framework. Nevertheless, standard secure computation tasks (like secure function evaluation) can be expressed. Importantly, we show that for every protocol that can be represented in the SUC framework, the protocol is secure in SUC if and only if it is secure in UC. Therefore, the UC composition theorem holds and any protocol that is proven secure under SUC is secure under the general framework (with some technical changes to the functionality definition). As a result, protocols that are secure in the SUC framework are secure when an a priori unbounded number of concurrent executions of the protocols take place (relative to the same fixed set of parties).

Original languageEnglish
Title of host publicationAdvances in Cryptology - CRYPTO 2015 - 35th Annual Cryptology Conference, Proceedings
EditorsMatthew Robshaw, Rosario Gennaro
PublisherSpringer Verlag
Pages3-22
Number of pages20
ISBN (Print)9783662479995
DOIs
StatePublished - 2015
Event35th Annual Cryptology Conference, CRYPTO 2015 - Santa Barbara, United States
Duration: 16 Aug 201520 Aug 2015

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9216
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference35th Annual Cryptology Conference, CRYPTO 2015
Country/TerritoryUnited States
CitySanta Barbara
Period16/08/1520/08/15

Bibliographical note

Publisher Copyright:
© International Association for Cryptologic Research 2015.

Funding

The full version of this work can be found on the IACR Cryptology ePrint Archive []. This work was supported by the israel science foundation (grant No. 189/11).

FundersFunder number
Israel Science Foundation189/11

    Fingerprint

    Dive into the research topics of 'A simpler variant of universally composable security for standard multiparty computation'. Together they form a unique fingerprint.

    Cite this