David and Goliath Commitments: UC Computation for Asymmetric Parties Using Tamper-Proof Hardware

  • Tal Moran
  • Gil Segev
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4965)

Abstract

Designing secure protocols in the Universal Composability (UC) framework confers many advantages. In particular, it allows the protocols to be securely used as building blocks in more complex protocols, and assists in understanding their security properties. Unfortunately, most existing models in which universally composable computation is possible (for useful functionalities) require a trusted setup stage. Recently, Katz [Eurocrypt ’07] proposed an alternative to the trusted setup assumption: tamper-proof hardware. Instead of trusting a third party to correctly generate the setup information, each party can create its own hardware tokens, which it sends to the other parties. Each party is only required to trust that its own tokens are tamper-proof.

Katz designed a UC commitment protocol that requires both parties to generate hardware tokens. In addition, his protocol relies on a specific number-theoretic assumption. In this paper, we construct UC commitment protocols for “David” and “Goliath”: we only require a single party (Goliath) to be capable of generating tokens. We construct a version of the protocol that is secure for computationally unbounded parties, and a more efficient version that makes computational assumptions only about David (we require only the existence of a one-way function). Our protocols are simple enough to be performed by hand on David’s side.

These properties may allow such protocols to be used in situations that are inherently asymmetric in real life, especially those involving individuals versus large organizations. Classic examples include voting protocols (voters versus “the government”) and protocols involving private medical data (patients versus insurance agencies or hospitals).

References

  1. Barak, B., Canetti, R., Nielsen, J.B., Pass, R.: Universally composable protocols with relaxed set-up assumptions. In: Proceedings of the 45th Annual Symposium on Foundations of Computer Science, pp. 186–195 (2004)
  2. Bennett, C.H., Brassard, G.: Quantum cryptography: Public key distribution and coin tossing. In: Proceedings of IEEE International Conference on Computers, Systems and Signal Processing, pp. 175–179 (1984)
  3. Bollobas, B.: Extremal Graph Theory. Courier Dover Publications (1978)
  4. Brands, S.: Untraceable off-line cash in wallets with observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994)
  5. Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: Proceedings of the 42nd Annual Symposium on Foundations of Computer Science, pp. 136–145 (2001); an updated version is available from the Cryptology ePrint Archive, Report 2000/067
  6. Canetti, R., Dodis, Y., Pass, R., Walfish, S.: Universally composable security with global setup. In: Proceedings of the 4th Theory of Cryptography Conference, pp. 61–85 (2007)
  7. Canetti, R., Fischlin, M.: Universally composable commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19–40. Springer, Heidelberg (2001)
  8. Canetti, R., Kushilevitz, E., Lindell, Y.: On the limitations of universally composable two-party computation without set-up assumptions. Journal of Cryptology 19(2), 135–167 (2006)
  9. Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: Proceedings of the 34th Annual ACM Symposium on the Theory of Computing, pp. 494–503 (2002)
  10. Chandran, N., Goyal, V., Sahai, A.: Improved UC secure computation using tamper-proof hardware. Cryptology ePrint Archive, Report 2007/334 (2007)
  11. Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993)
  12. Cramer, R., Pedersen, T.P.: Improved privacy in wallets with observers. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 329–343. Springer, Heidelberg (1994)
  13. Crépeau, C.: Efficient cryptographic protocols based on noisy channels. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 306–317. Springer, Heidelberg (1997)
  14. Crépeau, C., Kilian, J.: Achieving oblivious transfer using weakened security assumptions. In: Proceedings of the 29th Annual Symposium on Foundations of Computer Science, pp. 42–52 (1988)
  15. Damgård, I., Fehr, S., Morozov, K., Salvail, L.: Unfair noisy channels and oblivious transfer. In: Proceedings of the 1st Theory of Cryptography Conference, pp. 355–373 (2004)
  16. Damgård, I., Kilian, J., Salvail, L.: On the (im)possibility of basing oblivious transfer and bit commitment on weakened security assumptions. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 56–73. Springer, Heidelberg (1999)
  17. Damgård, I., Nielsen, J.B., Wichs, D.: Universally composable multiparty computation with partially isolated parties. Cryptology ePrint Archive, Report 2007/332 (2007)
  18. Groth, J., Ostrovsky, R.: Cryptography in the multi-string model. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 323–341. Springer, Heidelberg (2007)
  19. Hofheinz, D., Müller-Quade, J., Unruh, D.: Universally composable zero-knowledge arguments and commitments from signature cards. In: Proceedings of the 5th Central European Conference on Cryptology (2005)
  20. Katz, J.: Universally composable multi-party computation using tamper-proof hardware. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 115–128. Springer, Heidelberg (2007)
  21. Moran, T., Naor, M.: Basing cryptographic protocols on tamper-evident seals. In: Proceedings of the 32nd International Colloquium on Automata, Languages and Programming, pp. 285–297 (2005)
  22. Raz, R.: A parallel repetition theorem. SIAM Journal on Computing 27(3), 763–803 (1998)

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Tal Moran (1)
  • Gil Segev (1)

  1. Department of Computer Science and Applied Mathematics, Weizmann Institute of Science, Rehovot, Israel