64 Hits in 4.5 sec

Universally Composable Authentication and Key-Exchange with Global PKI [chapter]

Ran Canetti, Daniel Shahaf, Margarita Vald
2016 Lecture Notes in Computer Science  
Specifically, we model PKI as a global set-up functionality within the Global UC security model [Canetti et al., TCC 2007] and relax the ideal authentication and key exchange functionalities accordingly  ...  Specifically, existing treatments either (a) make the unrealistic assumption that the PKI is accessible only within the confines of the protocol itself, thus failing to capture real-world PKI-based authentication  ...  Other attempts at composable analysis were made in [CK02] and later in [Can04] within the Universally Composable (UC) security framework of [Can01] .  ... 
doi:10.1007/978-3-662-49387-8_11 fatcat:hz6gsqgnmnb3blbxhzgnx64nzu

A second note on the feasibility of generalized universal composability

2016 Mathematical Structures in Computer Science  
(Universally composable security with global setup. Lecture Notes in Computer Science, pp. 61–85, 2007).  ...  (Universally composable security with global setup. Lecture Notes in Computer Science, pp. 61–85, 2007). Interestingly, the attack was not analysed in the GUC model in Yao et al.  ...  Universal Composition (UC) and Generalized Universal Composition (GUC) In this section, we briefly recall the Universal Composability framework and the Generalized Universal Composability framework.  ... 
doi:10.1017/s0960129516000074 fatcat:o7buu6uvdrgy5eucfkpmkflhfy

The IITM Model: A Simple and Expressive Model for Universal Composability

Ralf Küsters, Max Tuengerthal, Daniel Rausch
2020 Journal of Cryptology  
Being inspired by other models for universal composability, in particular the UC model and because of the flexibility and expressivity of the IITM model, conceptually, results formulated in these models  ...  communication with the adversary/environment or communication with a simulator (see below).  ...  Within the IITM model, the composition theorems with global setup are now stated as follows.  ... 
doi:10.1007/s00145-020-09352-1 fatcat:2xl2ycqtnjaetah7oqcu2nuely

Concurrently Composable Security with Shielded Super-Polynomial Simulators [chapter]

Brandon Broadnax, Nico Döttling, Gunnar Hartung, Jörn Müller-Quade, Matthias Nagel
2017 Lecture Notes in Computer Science  
Our notion is fully compatible with the UC framework, i. e., protocols proven secure in the UC framework remain secure in our framework.  ...  Furthermore, our notion lies strictly between SPS and Angel-based security, while being closed under protocol composition.  ...  depending on the position within the global order of sessions.  ... 
doi:10.1007/978-3-319-56620-7_13 fatcat:h6ihumklf5dqxdqbd26jiexpue

Practical UC security with a Global Random Oracle

Ran Canetti, Abhishek Jain, Alessandra Scafuro
2014 Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14  
, global, random oracle and no other trusted setup.  ...  Dodis Shoup and Walfish [DSW08] also make use of a global (non-programmable) random oracle within the GUC framework.  ...  In [CR03] Canetti and Rabin introduce Universal Composition with Joint State (JUC), and a new composition theorem that allows to prove composition of protocols that share some state.  ... 
doi:10.1145/2660267.2660374 dblp:conf/ccs/Canetti0S14 fatcat:zlix3j3o6ncg3pynvygouwxbwm

A Unified Approach to Constructing Black-Box UC Protocols in Trusted Setup Models [chapter]

Susumu Kiyoshima, Huijia Lin, Muthuramakrishnan Venkitasubramaniam
2017 Lecture Notes in Computer Science  
We present a unified framework for obtaining black-box constructions of Universal Composable (UC) protocol in trusted setup models.  ...  given trusted setup.  ...  This model should be compared with the Global UC (GUC) framework of [7] , where a trusted setup is not only available to all protocol instances, but also to the environment.  ... 
doi:10.1007/978-3-319-70500-2_26 fatcat:bytospaqiff4bmrujryrb66qry

Fair and Robust Multi-party Computation Using a Global Transaction Ledger [chapter]

Aggelos Kiayias, Hong-Sheng Zhou, Vassilis Zikas
2016 Lecture Notes in Computer Science  
Second, our model, is expressed in the universal composition setting with global setup and is equipped with a composition theorem that enables the design of protocols that compose safely with each other  ...  and within larger environments where other protocols with compensation take place; a composition theorem for MPC protocols with compensation was not known before.  ...  Our composition proof treats the clock and ledger functionalities as global setups in the sense of [CDPW07, CJS14] .  ... 
doi:10.1007/978-3-662-49896-5_25 fatcat:tpbbzicqmzbepiqnun3trjqkem

General Composition and Universal Composability in Secure Multiparty Computation

Yehuda Lindell
2008 Journal of Cryptology  
Concurrent general composition relates to a setting where a secure protocol is run in a network concurrently with other, arbitrary protocols.  ...  A protocol is said to maintain security under general composition if its security is maintained even when it is run along with other arbitrary protocols.  ...  This is important with respect to the optimality of the UC definition (because by [12] many UC-secure protocols must use some form of setup).  ... 
doi:10.1007/s00145-008-9021-2 fatcat:a467lb4dofcmflanqx2u5pfduu

Collusion-Preserving Computation [chapter]

Joël Alwen, Jonathan Katz, Ueli Maurer, Vassilis Zikas
2012 Lecture Notes in Computer Science  
The goals in revisiting the definition are: • To give a definition with respect to arbitrary communication resources (that includes as special cases the communication models from prior work).  ...  (This property is not implied by collusion-freeness.) • To provide a definition supporting composition, so that protocols can be designed in a modular fashion using sub-protocols run among subsets of the  ...  Definition A.0.2 (UC Computation with Global Setup). LetḠ be a global setup, R be a resource.  ... 
doi:10.1007/978-3-642-32009-5_9 fatcat:25h2cbfo3jfsnmkypp7zck4qtu

On the Security of Password-Authenticated Quantum Key Exchange [article]

Céline Chevalier, Marc Kaplan, Quoc Huy Vu
2019 arXiv   pre-print
Universal Composability. However, as being pointed out in the literature, this ability of simulating does not play well with composition.  ...  The model with no trusted set-up is called plain. Ideal Functionalities.  ...  Thereafter, S interacts with the ideal functionality F pwKE and its subroutine A. (Essentially, S uses ck = ck H for its commitments and A uses ck = ck B for its commitments.  ... 
arXiv:1904.01526v2 fatcat:w2vwzupckjg3zjaqdlyajuhuvy

Chosen-ciphertext secure proxy re-encryption

Ran Canetti, Susan Hohenberger
2007 Proceedings of the 14th ACM conference on Computer and communications security - CCS '07  
We also formally capture CCA security for PRE schemes via both a game-based definition and simulation-based definitions that guarantee universally composable security.  ...  We note that, simultaneously with our work, Green and Ateniese proposed a CCA-secure PRE, discussed herein.  ...  The simulation-based definitions are formulated within the universally composable (UC) framework [9] .  ... 
doi:10.1145/1315245.1315269 dblp:conf/ccs/CanettiH07 fatcat:k5pojvupfrbmpof423mbyhbg7u

Obtaining Universally Compoable Security: Towards the Bare Bones of Trust [chapter]

Ran Canetti
Advances in Cryptology – ASIACRYPT 2007  
Universally Composable (UC) security provides this guarantee in a strong sense: A UC-secure protocol maintains its security properties even when composed concurrently with an unbounded number of instances  ...  However, many interesting cryptographic tasks are provably impossible to realize with UC security in the standard, "plain" model of computation.  ...  In [cdpw07] it is shown that, within the GUC framework, the UC theorem holds even with respect to protocols that are not subroutine respecting: Theorem (generalized universal composition): Let ρ, φ,  ... 
doi:10.1007/978-3-540-76900-2_6 dblp:conf/asiacrypt/Canetti07 fatcat:4p7yr6cg3ray5acyi2qer5n6fe

On the Relation Between SIM and IND-RoR Security Models for PAKEs

José Becerra, Vincenzo Iovino, Dimiter Ostrev, Marjan Škrobot
2017 Proceedings of the 14th International Joint Conference on e-Business and Telecommunications  
Security models for PAKE protocols aim to capture the desired security properties that such protocols must satisfy when executed in the presence of an active adversary.  ...  Canetti and Krawczyk in (Canetti and Krawczyk, 2002) took SIM definitions further by expanding the composition guarantees of KE from (Shoup, 1999) to arbitrary protocols within the Universal Composability  ...  In the plain model, the security of a cryptosystem is proved using only general complexity assumptions and no trusted setup.  ... 
doi:10.5220/0006430301510162 dblp:conf/secrypt/BecerraIOS17 fatcat:mol5nbfq75exldve7g4egwz4t4

A Framework for Practical Universally Composable Zero-Knowledge Protocols [chapter]

Jan Camenisch, Stephan Krenn, Victor Shoup
2011 Lecture Notes in Computer Science  
To this end we propose an extension of the UC-framework addressing the problem that UC-secure zero-knowledge proofs are always proofs of knowledge, and state a special composition theorem which allows  ...  This problem can be tackled by moving to the Universal Composability (UC) framework, which guarantees retention of security when composing protocols and, in particular, when using them as building blocks  ...  Further, [28] analyzes UC-ZK in the presence of global setup [18] . The idea of committed proofs was first mentioned in [37] .  ... 
doi:10.1007/978-3-642-25385-0_24 fatcat:kkkrqulelja5dbrazzmlpnaqna

On the Relation Between SIM and IND-RoR Security Models for PAKEs with Forward Secrecy [chapter]

José Becerra, Vincenzo Iovino, Dimiter Ostrev, Marjan Škrobot
2019 Communications in Computer and Information Science  
Another model which is prominent in PAKE research is the Universal Composability (UC) framework for PAKE of Canetti et al. [8].  ...  In more theoretical work, Goldreich and Lindell [25] proposed a PAKE in the plain model 4 that follows the simulation tradition.  ...  Canetti and Krawczyk in [33] took SIM definitions further by expanding the composition guarantees of AKE from [7] to arbitrary protocols within the Universal Composability (UC) framework of Canetti  ... 
doi:10.1007/978-3-030-11039-0_9 fatcat:6infwvtrsbez3gedjzjwsxf3ji
« Previous Showing results 1 — 15 out of 64 results