Polynomial Runtime and Composability
- First Online:
- Cite this article as:
- Hofheinz, D., Unruh, D. & Müller-Quade, J. J Cryptol (2013) 26: 375. doi:10.1007/s00145-012-9127-4
it is simple enough to support simple security/runtime analyses,
it is intuitive in the sense that all intuitively feasible protocols and attacks (and only those) are considered polynomial-time,
it supports secure composition of protocols in the sense of a universal composition theorem.