Static vs. Adaptive Security in Perfect MPC: A Separation and the Adaptive Security of BGW

Gilad Asharov, Ran Cohen, Oren Shochat

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > peer-review

5 Scopus citations

Abstract

Adaptive security is a highly desirable property in the design of secure protocols. It tolerates adversaries that corrupt parties as the protocol proceeds, as opposed to static security where the adversary corrupts the parties at the onset of the execution. The well-accepted folklore is that static and adaptive securities are equivalent for perfectly secure protocols. Indeed, this folklore is backed up with a transformation by Canetti et al. (EUROCRYPT'01), showing that any perfectly secure protocol that is statically secure and satisfies some basic requirements is also adaptively secure. Yet, the transformation results in an adaptively secure protocol with inefficient simulation (i.e., where the simulator might run in super-polynomial time even if the adversary runs just in polynomial time). Inefficient simulation is problematic when using the protocol as a sub-routine in the computational setting. Our main question is whether an alternative efficient transformation from static to adaptive security exists. We show an inherent difficulty in achieving this goal generically. In contrast to the folklore, we present a protocol that is perfectly secure with efficient static simulation (therefore also adaptively secure with inefficient simulation), but for which efficient adaptive simulation does not exist (assuming the existence of one-way permutations). In addition, we prove that the seminal protocol of Ben-Or, Goldwasser and Wigderson (STOC'88) is secure against adaptive, semi-honest corruptions with efficient simulation. Previously, adaptive security of the protocol, as is, was only known either for a restricted class of circuits, or for all circuits but with inefficient simulation.

Original language: English
Title of host publication: 3rd Conference on Information-Theoretic Cryptography, ITC 2022
Editors: Dana Dachman-Soled
Publisher: Schloss Dagstuhl - Leibniz-Zentrum für Informatik GmbH, Dagstuhl Publishing
ISBN (Electronic): 9783959772389
DOIs
State: Published - 1 Jul 2022
Event: 3rd Conference on Information-Theoretic Cryptography, ITC 2022 - Cambridge, United States
Duration: 5 Jul 2022 to 7 Jul 2022

Publication series

Name: Leibniz International Proceedings in Informatics, LIPIcs
Volume: 230
ISSN (Print): 1868-8969

Conference

Conference: 3rd Conference on Information-Theoretic Cryptography, ITC 2022
Country/Territory: United States
City: Cambridge
Period: 5/07/22 to 7/07/22

Bibliographical note

Publisher Copyright:
© Gilad Asharov, Ran Cohen, and Oren Shochat; licensed under Creative Commons License CC-BY 4.0

Funding

Gilad Asharov: Sponsored by the Israel Science Foundation (grant No. 2439/20), by JPM Faculty Research Award, by the BIU Center for Research in Applied Cryptography and Cyber Security in conjunction with the Israel National Cyber Bureau in the Prime Minister's Office, and by the European Union's Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No. 891234. Ran Cohen: Research partially supported by NSF grant no. 2055568. Oren Shochat: Sponsored by the Israel Science Foundation (grant No. 2439/20).

Funders (funder number):
- National Science Foundation (2055568)
- JPMorgan Chase and Company
- Horizon 2020 Framework Programme
- H2020 Marie Skłodowska-Curie Actions (891234)
- Israel Science Foundation (2439/20)
- Horizon 2020

Keywords

• BGW protocol
• adaptive security
• perfect security
• secure multiparty computation
