Abstract
Adaptive security is a strong security notion that captures additional security threats that are not addressed by static corruptions. For instance, it captures real-world scenarios where “hackers” actively break into computers, possibly while they are executing secure protocols. Studying this setting is interesting from both theoretical and practical points of view. A primary building block in designing adaptively secure protocols is a non-committing encryption (NCE) that implements secure communication channels in the presence of adaptive corruptions. Current constructions require a number of public key operations that grow linearly with the length of the message. Furthermore, general two-party protocols require a number of NCE calls that dependent both on the circuit size and on the security parameter. In this paper, we study the two-party setting in which at most one of the parties is adaptively corrupted, and demonstrate the feasibility of (1) NCE with constant number of public key operations for large message spaces, (2) oblivious transfer with constant number of public key operations for large sender’s input spaces, and (3) constant round secure computation protocols with an overall number of public key operations that is linear in the circuit size. Our study demonstrates that such primitives indeed exist in the presence of single corruptions without erasures, while this is not known for fully adaptive security under standard assumptions (where both parties may get corrupted). Our results are shown in the UC setting with a CRS setup.
Original language | English |
---|---|
Pages (from-to) | 321-371 |
Number of pages | 51 |
Journal | Journal of Cryptology |
Volume | 30 |
Issue number | 1 |
DOIs | |
State | Published - 1 Jan 2017 |
Bibliographical note
Publisher Copyright:© 2015, International Association for Cryptologic Research.
Keywords
- Adaptive security
- Non-committing encryption
- Oblivious transfer
- Secure two-party computation