Advances in Cryptology - EUROCRYPT 2006

Volume 4004 of the series Lecture Notes in Computer Science pp 538-554

Information-Theoretic Conditions for Two-Party Secure Function Evaluation

  • Claude CrépeauAffiliated withMcGill University
  • , George SavvidesAffiliated withMcGill University
  • , Christian SchaffnerAffiliated withBRICS, University of Århus
  • , Jürg WullschlegerAffiliated withETH Zürich


The standard security definition of unconditional secure function evaluation, which is based on the ideal/real model paradigm, has the disadvantage of being overly complicated to work with in practice. On the other hand, simpler ad-hoc definitions tailored to special scenarios have often been flawed. Motivated by this unsatisfactory situation, we give an information-theoretic security definition of secure function evaluation which is very simple yet provably equivalent to the standard, simulation-based definitions.