Advertisement

Non-malleability vs. CCA-Security: The Case of Commitments

  • Brandon BroadnaxEmail author
  • Valerie Fetzer
  • Jörn Müller-Quade
  • Andy Rupp
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10770)

Abstract

In this work, we settle the relations among a variety of security notions related to non-malleability and CCA-security that have been proposed for commitment schemes in the literature. Interestingly, all our separations follow from two generic transformations. Given two appropriate security notions X and Y from the class of security notions we compare, these transformations take a commitment scheme that fulfills notion X and output a commitment scheme that still fulfills notion X but not notion Y.

Using these transformations, we are able to show that some of the known relations for public-key encryption do not carry over to commitments. In particular, we show that, surprisingly, parallel non-malleability and parallel CCA-security are not equivalent for commitment schemes. This stands in contrast to the situation for public-key encryption where these two notions are equivalent as shown by Bellare et al. at CRYPTO ‘99.

References

  1. 1.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998).  https://doi.org/10.1007/BFb0055718 Google Scholar
  2. 2.
    Bellare, M., Dowsley, R., Waters, B., Yilek, S.: Standard security does not imply security against selective-opening. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 645–662. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-29011-4_38 CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Sahai, A.: Non-malleable encryption: equivalence between two notions, and an indistinguishability-based characterization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 519–536. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_33 Google Scholar
  4. 4.
    Böhl, F., Hofheinz, D., Kraschewski, D.: On definitions of selective opening security. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 522–539. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-30057-8_31 CrossRefGoogle Scholar
  5. 5.
    Broadnax, B., Döttling, N., Hartung, G., Müller-Quade, J., Nagel, M.: Concurrently composable security with shielded super-polynomial simulators. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017, Part I. LNCS, vol. 10210, pp. 351–381. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56620-7_13 CrossRefGoogle Scholar
  6. 6.
    Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Proceedings of the 42th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2001, pp. 136–145. IEEE (2001)Google Scholar
  7. 7.
    Canetti, R., Fischlin, M.: Universally composable commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19–40. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44647-8_2 CrossRefGoogle Scholar
  8. 8.
    Canetti, R., Kushilevitz, E., Lindell, Y.: On the limitations of universally composable two-party computation without set-up assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 68–86. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-39200-9_5 CrossRefGoogle Scholar
  9. 9.
    Canetti, R., Lin, H., Pass, R.: Adaptive hardness and composable security in the plain model from standard assumptions. In: Proceedings of the 51st Annual IEEE Symposium on Foundations of Computer Science, FOCS 2010, pp. 541–550. IEEE (2010)Google Scholar
  10. 10.
    Canetti, R., Lin, H., Pass, R.: From unprovability to environmentally friendly protocols. In: Proceedings of the 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2013, pp. 70–79. IEEE (2013)Google Scholar
  11. 11.
    Cao, Z., Visconti, I., Zhang, Z.: Constant-round concurrent non-malleable statistically binding commitments and decommitments. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 193–208. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13013-7_12 CrossRefGoogle Scholar
  12. 12.
    Choi, S.G., Dachman-Soled, D., Malkin, T., Wee, H.: A black-box construction of non-malleable encryption from semantically secure encryption. J. Cryptol. 31, 1–30 (2017)MathSciNetzbMATHGoogle Scholar
  13. 13.
    Ciampi, M., Ostrovsky, R., Siniscalchi, L., Visconti, I.: Concurrent non-malleable commitments (and more) in 3 rounds. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 270–299. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53015-3_10 CrossRefGoogle Scholar
  14. 14.
    Cramer, R., Hanaoka, G., Hofheinz, D., Imai, H., Kiltz, E., Pass, R., Shelat, A., Vaikuntanathan, V.: Bounded CCA2-secure encryption. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 502–518. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-76900-2_31 CrossRefGoogle Scholar
  15. 15.
    Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. In: Proceedings of the Twenty-Third Annual ACM Symposium on Theory of Computing, STOC 1991, pp. 542–552. ACM (1991)Google Scholar
  16. 16.
    Garg, S., Mukherjee, P., Pandey, O., Polychroniadou, A.: The exact round complexity of secure computation. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 448–476. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49896-5_16 CrossRefGoogle Scholar
  17. 17.
    Goldreich, O.: Foundations of Cryptography: Basic Tools, vol. 1. Cambridge University Press, Cambridge (2001)CrossRefzbMATHGoogle Scholar
  18. 18.
    Goldreich, O., Lindell, Y.: Session-key generation using human passwords only. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 408–432. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44647-8_24 CrossRefGoogle Scholar
  19. 19.
    Goyal, V.: Constant round non-malleable protocols using one way functions. In: Proceedings of the Forty-Third Annual ACM Symposium on Theory of Computing, STOC 2011, pp. 695–704. ACM (2011)Google Scholar
  20. 20.
    Goyal, V., Pandey, O., Richelson, S.: Textbook non-malleable commitments. In: Proceedings of the 48th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2016, pp. 1128–1141. ACM (2016)Google Scholar
  21. 21.
    Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography. In: Proceedings of the 30th Annual Symposium on Foundations of Computer Science, FOCS 1989, pp. 230–235. IEEE (1989)Google Scholar
  22. 22.
    Katz, J., Ostrovsky, R., Smith, A.: Round efficiency of multi-party computation with a dishonest majority. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 578–595. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-39200-9_36 CrossRefGoogle Scholar
  23. 23.
    Kiyoshima, S.: Round-efficient black-box construction of composable multi-party computation. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 351–368. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44381-1_20 CrossRefGoogle Scholar
  24. 24.
    Kiyoshima, S., Manabe, Y., Okamoto, T.: Constant-round black-box construction of composable multi-party computation protocol. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 343–367. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-54242-8_15 CrossRefGoogle Scholar
  25. 25.
    Lin, H., Pass, R.: Black-box constructions of composable protocols without set-up. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 461–478. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32009-5_27 CrossRefGoogle Scholar
  26. 26.
    Lin, H., Pass, R., Venkitasubramaniam, M.: Concurrent non-malleable commitments from any one-way function. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 571–588. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-78524-8_31 CrossRefGoogle Scholar
  27. 27.
    Lin, H., Pass, R., Venkitasubramaniam, M.: A unified framework for concurrent security: universal composability from stand-alone non-malleability. In: Proceedings of the 41st annual ACM symposium on Theory of computing, STOC 2009, pp. 179–188. ACM (2009)Google Scholar
  28. 28.
    Pandey, O., Pass, R., Vaikuntanathan, V.: Adaptive one-way functions and applications. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 57–74. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85174-5_4 CrossRefGoogle Scholar
  29. 29.
    Pass, R., Shelat, A., Vaikuntanathan, V.: Construction of a non-malleable encryption scheme from any semantically secure one. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 271–289. Springer, Heidelberg (2006).  https://doi.org/10.1007/11818175_16 CrossRefGoogle Scholar
  30. 30.
    Prabhakaran, M., Sahai, A.: New notions of security: achieving universal composability without trusted setup. In: Proceedings of the 36th Annual ACM Symposium on Theory of Computing, STOC 2004, pp. 242–251. ACM (2004)Google Scholar
  31. 31.
    Wee, H.: Black-box, round-efficient secure computation via non-malleability amplification. In: Proceedings of the 51st Annual IEEE Symposium on Foundations of Computer Science, FOCS 2010, pp. 531–540. IEEE (2010)Google Scholar

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  • Brandon Broadnax
    • 1
    Email author
  • Valerie Fetzer
    • 1
  • Jörn Müller-Quade
    • 1
  • Andy Rupp
    • 1
  1. 1.Karlsruhe Institute of TechnologyKarlsruheGermany

Personalised recommendations