TY - GEN
T1 - Adaptive hardness and composable security in the plain model from standard assumptions
AU - Canetti, Ran
AU - Lin, Huijia
AU - Pass, Rafael
PY - 2010
Y1 - 2010
AB - We construct the first general secure computation protocols that require no trusted infrastructure other than authenticated communication, and that satisfy a meaningful notion of security that is preserved under universal composition - assuming only the existence of enhanced trapdoor permutations. The notion of security fits within a generalization of the "angel-based" framework of Prabhakaran and Sahai (STOC'04) and implies super-polynomial time simulation security. Security notions of this kind are currently known to be realizable only under strong and specific hardness assumptions. A key element in our construction is a commitment scheme that satisfies a new and strong notion of security. The notion, security against chosen-commitment-attacks (CCA security), means that security holds even if the attacker has access to an extraction oracle that gives the adversary decommitment information to commitments of the adversary's choice. This notion is stronger than concurrent non-malleability and is of independent interest. We construct CCA-secure commitments based on standard one-way functions, and with no trusted set-up. To the best of our knowledge, this provides the first construction of a natural cryptographic primitive requiring adaptive hardness from standard hardness assumptions, using no trusted set-up or public keys.
KW - Adaptive hardness
KW - Composable security
KW - Cryptography
KW - Secure multiparty computation
UR - http://www.scopus.com/inward/record.url?scp=78751481427&partnerID=8YFLogxK
U2 - 10.1109/FOCS.2010.86
DO - 10.1109/FOCS.2010.86
M3 - Conference contribution
AN - SCOPUS:78751481427
SN - 9780769542447
T3 - Proceedings - Annual IEEE Symposium on Foundations of Computer Science, FOCS
SP - 541
EP - 550
BT - Proceedings - 2010 IEEE 51st Annual Symposium on Foundations of Computer Science, FOCS 2010
PB - IEEE Computer Society
T2 - 2010 IEEE 51st Annual Symposium on Foundations of Computer Science, FOCS 2010
Y2 - 23 October 2010 through 26 October 2010
ER -