On Black-Box Complexity of Universally Composable Security in the CRS Model

In this work, we study the intrinsic complexity of black-box Universally Composable (UC) secure computation based on general assumptions. We present a thorough study under various corruption models while focusing on achieving security in the common reference string (CRS) model. Our results involve the following:

- Static UC secure computation. Designing the first static UC oblivious transfer protocol based on public-key encryption and stand-alone semi-honest oblivious transfer. As a corollary, we obtain the first black-box constructions of UC secure computation assuming only two-round semi-honest oblivious transfer.
- One-sided UC secure computation. Designing adaptive UC two-party computation with single corruptions assuming public-key encryption with oblivious ciphertext generation.
- Adaptive UC secure computation. Designing an adaptively secure UC commitment scheme assuming only public-key encryption with oblivious ciphertext generation. As a corollary, we obtain the first black-box constructions of adaptive UC secure computation assuming only (trapdoor) simulatable public-key encryption (as well as a variety of concrete assumptions).

We remark that such a result was not known even under non-black-box constructions.
