Completeness Theorems for Adaptively Secure Broadcast

Ran Cohen; Juan Garay; Vassilis Zikas

doi:10.1007/978-3-031-38557-5_1

Completeness Theorems for Adaptively Secure Broadcast

Ran Cohen, Juan Garay, Vassilis Zikas

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

The advent of blockchain protocols has reignited the interest in adaptively secure broadcast; it is by now well understood that broadcasting over a diffusion network allows an adaptive adversary to corrupt the sender depending on the message it attempts to send and change it. Hirt and Zikas [Eurocrypt ’10] proved that this is an inherent limitation of broadcast in the simulation-based setting—i.e., this task is impossible against an adaptive adversary corrupting a majority of the parties (a task that is achievable against a static adversary). The contributions of this paper are two-fold. First, we show that, contrary to previous perception, the above limitation of adaptively secure broadcast is not an artifact of simulation-based security, but rather an inherent issue of adaptive security. In particular, we show that: (1) it also applies to the property-based broadcast definition adapted for adaptive adversaries, and (2) unlike other impossibilities in adaptive security, this impossibility cannot be circumvented by adding a programmable random oracle, in neither setting, property-based or simulation-based. Second, we turn to the resource-restricted cryptography (RRC) paradigm [Garay et al., Eurocrypt ’20], which has proven useful in circumventing impossibility results, and ask whether it also affects the above negative result. We answer this question in the affirmative, by showing that time-lock puzzles (TLPs)—which can be viewed as an instance of RRC—indeed allow for achieving the property-based definition and circumvent the impossibility of adaptively secure broadcast. The natural question is then, do TLPs also allow for simulation-based adaptively secure broadcast against corrupted majorities? We answer this question in the negative. However, we show that a positive result can be achieved via a non-committing analogue of TLPs in the programmable random-oracle model. Importantly, and as a contribution of independent interest, we also present the first (limited) composition theorem in the resource-restricted setting, which is needed for the complexity-based, non-idealized treatment of TLPs in the context of other protocols.

Original language	English
Title of host publication	Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings
Editors	Helena Handschuh, Anna Lysyanskaya
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	3-38
Number of pages	36
ISBN (Print)	9783031385568
DOIs	https://doi.org/10.1007/978-3-031-38557-5_1
State	Published - 2023
Externally published	Yes
Event	43rd Annual International Cryptology Conference, CRYPTO 2023 - Santa Barbara, United States Duration: 20 Aug 2023 → 24 Aug 2023

Publication series

Name	Lecture Notes in Computer Science
Volume	14081 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	43rd Annual International Cryptology Conference, CRYPTO 2023
Country/Territory	United States
City	Santa Barbara
Period	20/08/23 → 24/08/23

Bibliographical note

Publisher Copyright:
© 2023, International Association for Cryptologic Research.

Funding

Acknowledgements. Research supported in part by an Alon Young Faculty Fellowship, by a grant from the Israel Science Foundation (ISF Grant No. 1774/20), and by a grant from the US-Israel Binational Science Foundation and the US National Science Foundation (BSF-NSF Grant No. 2020643). Acknowledgments. Anasuya Acharya and Carmit Hazay are supported by ISF grant No. 1316/18. Carmit Hazay is also supported by the Algorand Centres of Excellence programme managed by Algorand Foundation. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of Algorand Foundation. The fourth author was supported by a JPMorgan Chase Faculty Research Award, Technology, and Humanity Fund from the McCourt School of Public Policy at Georgetown University, and a Google Research Award. Grant. This material is based upon work supported by the Defense Advanced Research Projects Agency through Award HR00112020024. A. Srinivasan was supported in part by a SERB startup grant and Google India Research Award. 2055694. Vassilis Zikas’s research is supported in part by NSF grant no. 2055599 and by Sunday Group. The authors are also supported by the Algorand Centres of Excellence programme managed by Algorand Foundation. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of Algorand Foundation. Acknowledgment. Y. Ishai was supported in part by ERC Project NTSC (742754), BSF grant 2018393, ISF grant 2774/20, and a Google Faculty Research Award. D. Khu-rana was supported in part by NSF CAREER CNS-2238718 and DARPA SIEVE. A. Sahai was supported in part from a Simons Investigator Award, DARPA SIEVE award, NTT Research, NSF Frontier Award 1413955, BSF grant 2012378, a Xerox Faculty Research Award, a Google Faculty Research Award, and an Okawa Foundation Research tial privacy in the shuﬄe model and the anonymous reviewers for their comments. Y. Ishai and E. Kushilevitz were supported by ISF grant 2774/20 and BSF grant 2018393. Y. Ishai was additionally supported by ERC Project NTSC (742754). Acknowledgments. Ran Cohen’s research is supported in part by NSF grant no. 2055568. Juan Garay’s research is supported in part by NSF grants no. 2001082 and G. Garimella, M. Rosulek and J. Singh—Authors partially supported by NSF award S2356A. Acknowledgements. D. Boneh is supported by NSF, the DARPA SIEVE program, the Simons Foundation, UBRI, and NTT Research. E. Boyle is supported by AFOSR Award FA9550-21-1-0046, ERC Project HSS (852952), and a Google Research Award. H. Corrigan-Gibbs is supported by Capital One, Facebook, Google, Mozilla, Seagate, MIT’s FinTech@CSAIL Initiative, and NSF Award CNS-2054869. N. Gilboa is supported by ISF grant 2951/20, ERC grant 876110, and a grant by the BGU Cyber Center. Y. Ishai is supported by ERC Project NTSC (742754), BSF grant 2018393, and ISF grant 2774/20. Opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of DARPA. Acknowledgments. The research described in this paper received funding from: the Concordium Blockhain Research Center, Aarhus University, Denmark; the Carlsberg Foundation under the Semper Ardens Research Project CF18-112 (BCM); the European Research Council (ERC) under the European Unions’s Horizon 2020 research and innovation programme under grant agreement No 803096 (SPEC); the Danish Independent Research Council under Grant-ID DFF-0165-00107B (C3PO). ritos and quesadillas. He also thanks the Aarhus Crypto Group and the people at NTT Research for being amazing humans (independently of their success in research). The work of Damiano Abram was carried out during an internship funded by NTT Research. Acknowledgements. We would like to thank Alin Tomescu, Kobi Gurkan, Julian Loss, and Renas Bacho for many insightful discussions. Gilad Stern was supported by the HUJI Federmann Cyber Security Research Center in conjunction with the Israel National Cyber Directorate (INCD) in the Prime Minister’s Office. Acknowledgements. This work is supported in part by DARPA under Cooperative Agreement HR0011-20-2-0025, the Algorand Centers of Excellence programme managed by Algorand Foundation, NSF grants CNS-2246355, CCF-2220450 and CNS-2001096, US-Israel BSF grant 2015782, Amazon Faculty Award, Cisco Research Award and Sunday Group. Any views, opinions, findings, conclusions or recommendations contained herein are those of the author(s) and should not be interpreted as necessarily representing the official policies, either expressed or implied, of DARPA, the Department of Defense, the Algorand Foundation, or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for governmental purposes not withstanding any copyright annotation therein. Acknowledgements. Pedro Branco was partially funded by the German Federal Ministry of Education and Research (BMBF) in the course of the 6GEM research hub under grant number 16KISK038. Nico Döttling: Funded by the European Union (ERC, LACONIC, 101041207). Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Research Council. Neither the European Union nor the granting authority can be held responsible for them. Akshayaram Srinivasan was supported in part by a SERB startup grant and Google India Research Award. Ran Cohen’s research is supported in part by NSF grant no. 2055568. Juan Garay’s research is supported in part by NSF grants no. 2001082 and 2055694. Vassilis Zikas’s research is supported in part by NSF grant no. 2055599 and by Sunday Group. The authors are also supported by the Algorand Centres of Excellence programme managed by Algorand Foundation. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of Algorand Foundation. Acknowledgements. This work is funded in part by National Science Foundation award 2143058.

Funders	Funder number
Algorand Foundation
BSF-NSF	2020643
European Unions’s Horizon 2020 research and innovation programme	803096
Google India Research Award
JPMorgan
McCourt School of Public Policy
NTSC	742754
Sunday Group
UBRI
US-Israel BSF	2015782
National Science Foundation	2001082, 2055694, CNS-2001096, CNS-2154174, 2055599, CCF-2220450, CNS-2238718, S2356A, CNS-2026774, 2055568, 2143058, CNS-2246355
Air Force Office of Scientific Research	FA9550-21-1-0046
Defense Advanced Research Projects Agency	HR0011-20-2-0025, HR00112020024
Simons Foundation
Microsoft
Cisco Systems
Google	CNS-2054869
Aarhus Universitet
Georgetown University
NTT Research	1413955, 2012378
European Commission	852952
United States-Israel Binational Science Foundation	2018393, 2774/20
Science and Engineering Research Board
Bundesministerium für Bildung und Forschung	16KISK038
Carlsbergfondet	CF18-112
Israel Science Foundation	1774/20, 876110, 2951/20, 1316/18
Okawa Foundation for Information and Telecommunications
Danmarks Frie Forskningsfond	DFF-0165-00107B
Ben-Gurion University of the Negev

Access to Document

10.1007/978-3-031-38557-5_1

Cite this

Cohen, R., Garay, J., & Zikas, V. (2023). Completeness Theorems for Adaptively Secure Broadcast. In H. Handschuh, & A. Lysyanskaya (Eds.), Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings (pp. 3-38). (Lecture Notes in Computer Science; Vol. 14081 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-38557-5_1

@inproceedings{04cdfe0a4192467799a8440d3ace7aa7,

title = "Completeness Theorems for Adaptively Secure Broadcast",

abstract = "The advent of blockchain protocols has reignited the interest in adaptively secure broadcast; it is by now well understood that broadcasting over a diffusion network allows an adaptive adversary to corrupt the sender depending on the message it attempts to send and change it. Hirt and Zikas [Eurocrypt {\textquoteright}10] proved that this is an inherent limitation of broadcast in the simulation-based setting—i.e., this task is impossible against an adaptive adversary corrupting a majority of the parties (a task that is achievable against a static adversary). The contributions of this paper are two-fold. First, we show that, contrary to previous perception, the above limitation of adaptively secure broadcast is not an artifact of simulation-based security, but rather an inherent issue of adaptive security. In particular, we show that: (1) it also applies to the property-based broadcast definition adapted for adaptive adversaries, and (2) unlike other impossibilities in adaptive security, this impossibility cannot be circumvented by adding a programmable random oracle, in neither setting, property-based or simulation-based. Second, we turn to the resource-restricted cryptography (RRC) paradigm [Garay et al., Eurocrypt {\textquoteright}20], which has proven useful in circumventing impossibility results, and ask whether it also affects the above negative result. We answer this question in the affirmative, by showing that time-lock puzzles (TLPs)—which can be viewed as an instance of RRC—indeed allow for achieving the property-based definition and circumvent the impossibility of adaptively secure broadcast. The natural question is then, do TLPs also allow for simulation-based adaptively secure broadcast against corrupted majorities? We answer this question in the negative. However, we show that a positive result can be achieved via a non-committing analogue of TLPs in the programmable random-oracle model. Importantly, and as a contribution of independent interest, we also present the first (limited) composition theorem in the resource-restricted setting, which is needed for the complexity-based, non-idealized treatment of TLPs in the context of other protocols.",

author = "Ran Cohen and Juan Garay and Vassilis Zikas",

note = "Publisher Copyright: {\textcopyright} 2023, International Association for Cryptologic Research.; 43rd Annual International Cryptology Conference, CRYPTO 2023 ; Conference date: 20-08-2023 Through 24-08-2023",

year = "2023",

doi = "10.1007/978-3-031-38557-5_1",

language = "אנגלית",

isbn = "9783031385568",

series = "Lecture Notes in Computer Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "3--38",

editor = "Helena Handschuh and Anna Lysyanskaya",

booktitle = "Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings",

address = "גרמניה",

}

Cohen, R, Garay, J & Zikas, V 2023, Completeness Theorems for Adaptively Secure Broadcast. in H Handschuh & A Lysyanskaya (eds), Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings. Lecture Notes in Computer Science, vol. 14081 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 3-38, 43rd Annual International Cryptology Conference, CRYPTO 2023, Santa Barbara, United States, 20/08/23. https://doi.org/10.1007/978-3-031-38557-5_1

Completeness Theorems for Adaptively Secure Broadcast. / Cohen, Ran; Garay, Juan; Zikas, Vassilis.
Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings. ed. / Helena Handschuh; Anna Lysyanskaya. Springer Science and Business Media Deutschland GmbH, 2023. p. 3-38 (Lecture Notes in Computer Science; Vol. 14081 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Completeness Theorems for Adaptively Secure Broadcast

AU - Cohen, Ran

AU - Garay, Juan

AU - Zikas, Vassilis

PY - 2023

Y1 - 2023

N2 - The advent of blockchain protocols has reignited the interest in adaptively secure broadcast; it is by now well understood that broadcasting over a diffusion network allows an adaptive adversary to corrupt the sender depending on the message it attempts to send and change it. Hirt and Zikas [Eurocrypt ’10] proved that this is an inherent limitation of broadcast in the simulation-based setting—i.e., this task is impossible against an adaptive adversary corrupting a majority of the parties (a task that is achievable against a static adversary). The contributions of this paper are two-fold. First, we show that, contrary to previous perception, the above limitation of adaptively secure broadcast is not an artifact of simulation-based security, but rather an inherent issue of adaptive security. In particular, we show that: (1) it also applies to the property-based broadcast definition adapted for adaptive adversaries, and (2) unlike other impossibilities in adaptive security, this impossibility cannot be circumvented by adding a programmable random oracle, in neither setting, property-based or simulation-based. Second, we turn to the resource-restricted cryptography (RRC) paradigm [Garay et al., Eurocrypt ’20], which has proven useful in circumventing impossibility results, and ask whether it also affects the above negative result. We answer this question in the affirmative, by showing that time-lock puzzles (TLPs)—which can be viewed as an instance of RRC—indeed allow for achieving the property-based definition and circumvent the impossibility of adaptively secure broadcast. The natural question is then, do TLPs also allow for simulation-based adaptively secure broadcast against corrupted majorities? We answer this question in the negative. However, we show that a positive result can be achieved via a non-committing analogue of TLPs in the programmable random-oracle model. Importantly, and as a contribution of independent interest, we also present the first (limited) composition theorem in the resource-restricted setting, which is needed for the complexity-based, non-idealized treatment of TLPs in the context of other protocols.

AB - The advent of blockchain protocols has reignited the interest in adaptively secure broadcast; it is by now well understood that broadcasting over a diffusion network allows an adaptive adversary to corrupt the sender depending on the message it attempts to send and change it. Hirt and Zikas [Eurocrypt ’10] proved that this is an inherent limitation of broadcast in the simulation-based setting—i.e., this task is impossible against an adaptive adversary corrupting a majority of the parties (a task that is achievable against a static adversary). The contributions of this paper are two-fold. First, we show that, contrary to previous perception, the above limitation of adaptively secure broadcast is not an artifact of simulation-based security, but rather an inherent issue of adaptive security. In particular, we show that: (1) it also applies to the property-based broadcast definition adapted for adaptive adversaries, and (2) unlike other impossibilities in adaptive security, this impossibility cannot be circumvented by adding a programmable random oracle, in neither setting, property-based or simulation-based. Second, we turn to the resource-restricted cryptography (RRC) paradigm [Garay et al., Eurocrypt ’20], which has proven useful in circumventing impossibility results, and ask whether it also affects the above negative result. We answer this question in the affirmative, by showing that time-lock puzzles (TLPs)—which can be viewed as an instance of RRC—indeed allow for achieving the property-based definition and circumvent the impossibility of adaptively secure broadcast. The natural question is then, do TLPs also allow for simulation-based adaptively secure broadcast against corrupted majorities? We answer this question in the negative. However, we show that a positive result can be achieved via a non-committing analogue of TLPs in the programmable random-oracle model. Importantly, and as a contribution of independent interest, we also present the first (limited) composition theorem in the resource-restricted setting, which is needed for the complexity-based, non-idealized treatment of TLPs in the context of other protocols.

UR - http://www.scopus.com/inward/record.url?scp=85172385486&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-38557-5_1

DO - 10.1007/978-3-031-38557-5_1

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85172385486

SN - 9783031385568

T3 - Lecture Notes in Computer Science

SP - 3

EP - 38

BT - Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings

A2 - Handschuh, Helena

A2 - Lysyanskaya, Anna

PB - Springer Science and Business Media Deutschland GmbH

T2 - 43rd Annual International Cryptology Conference, CRYPTO 2023

Y2 - 20 August 2023 through 24 August 2023

ER -

Cohen R, Garay J, Zikas V. Completeness Theorems for Adaptively Secure Broadcast. In Handschuh H, Lysyanskaya A, editors, Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings. Springer Science and Business Media Deutschland GmbH. 2023. p. 3-38. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-38557-5_1