Abstract
The recently proposed universally composable (UC) security framework for analyzing the security of cryptographic protocols provides very strong security guarantees. In particular, a protocol proven secure in this framework is guaranteed to maintain its security even when deployed in arbitrary multi-party, multi-protocol, multi-execution environments.
Protocols for securely carrying out essentially any cryptographic task in a universally composable way exist, both in the case of an honest majority (in the plain model, i.e., without set-up assumptions) and in the case of no honest majority (in the common reference string model). However, in the plain model, little was known for the case of no honest majority and, in particular, for the important special case of two-party protocols.
We study the feasibility of universally composable two-party function evaluation in the plain model. Our results show that very few functions can be computed in this model so as to provide the UC security guarantees. Specifically, for the case of deterministic functions, we provide a full characterization of the functions computable in this model. (Essentially, these are the functions that depend on at most one of the parties’ inputs, and furthermore are “efficiently invertible” in a sense defined within.) For the case of probabilistic functions, we show that the only functions computable in this model are those where one of the parties can essentially uniquely determine the joint output.
Part of this work was done while the author was a visitor at IBM T.J. Watson Research Center.
Copyright information
© 2003 International Association for Cryptologic Research
About this paper
Cite this paper
Canetti, R., Kushilevitz, E., Lindell, Y. (2003). On the Limitations of Universally Composable Two-Party Computation without Set-up Assumptions. In: Biham, E. (eds) Advances in Cryptology — EUROCRYPT 2003. EUROCRYPT 2003. Lecture Notes in Computer Science, vol 2656. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39200-9_5
DOI: https://doi.org/10.1007/3-540-39200-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-14039-9
Online ISBN: 978-3-540-39200-2