TY - JOUR
T1 - Protocols for Bounded-Concurrent Secure Two-Party Computation in the Plain Model.
AU - Lindell, Y.
PY - 2006
Y1 - 2006
N2 - Until recently, most research on the topic of secure computation focused on the stand-alone model, where a single protocol execution takes place. In this paper, we construct protocols for the setting of bounded-concurrent self-composition, where a (single) secure protocol is run many times concurrently, and there is a predetermined bound on the number of concurrent executions. In short, we show that any two-party functionality can be securely computed under bounded-concurrent self-composition, in the plain model (where the only setup assumption made is that the parties communicate via authenticated channels). Our protocol provides the first feasibility result for general two-party computation in the plain model, for any model of concurrency. All previous protocols assumed a trusted setup phase in order to obtain a common reference string. On the downside, the number of rounds of communication in our protocol is super-linear in the bound on the number of concurrent executions. Subsequent to this work, constant-round protocols and protocols for the multiparty case were presented by Pass and Rosen (FOCS 2003) and by Pass (STOC 2004). We remark that this paper contains the full version of the upper-bound portion of the extended abstract presented by the author at STOC 2003 [29] (the lower bound from [29] appears in [33] together with other lower bounds from [32]).
UR - https://scholar.google.com/citations?view_op=view_citation&hl=en&user=7JK9h1MAAAAJ&cstart=20&pagesize=80&citation_for_view=7JK9h1MAAAAJ:2P1L_qKh6hAC
M3 - Article
VL - 2006
SP - 1
EP - 50
JO - Chicago Journal of Theoretical Computer Science
JF - Chicago Journal of Theoretical Computer Science
ER -