Threshold Homomorphic Encryption in the Universally Composable Cryptographic Library

  • Peeter Laud
  • Long Ngo
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5324)


The universally composable cryptographic library by Backes, Pfitzmann and Waidner provides Dolev-Yao-like, but cryptographically sound, abstractions of common cryptographic primitives such as encryption and signatures. The library has been used to give correctness proofs of various protocols; while the arguments in such proofs resemble those made in the Dolev-Yao model, which has been studied for a couple of decades already, the conclusions that such arguments provide are cryptographically sound.

Various interesting protocols, for example e-voting, make extensive use of primitives that the library currently does not provide. The library can certainly be extended, and in this paper we provide one such extension — we add threshold homomorphic encryption to the universally composable cryptographic library and demonstrate its usefulness by (re)proving the security of a well-known e-voting protocol.






References

  1. Adão, P., Fournet, C.: Cryptographically sound implementations for communicating processes. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 83–94. Springer, Heidelberg (2006)
  2. Backes, M.: A Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 89–108. Springer, Heidelberg (2004)
  3. Backes, M., Dürmuth, M.: A cryptographically sound Dolev-Yao style security proof of an electronic payment system. In: CSFW 2005, pp. 78–93 (2005)
  4. Backes, M., Dürmuth, M., Hofheinz, D., Küsters, R.: Conditional reactive simulatability. Int. J. Inf. Sec. 7(2), 155–169 (2008)
  5. Backes, M., Laud, P.: Computationally sound secrecy proofs by mechanized flow analysis. In: ACM CCS 2006, pp. 370–379 (2006)
  6. Backes, M., Pfitzmann, B.: A Cryptographically Sound Security Proof of the Needham-Schroeder-Lowe Public-Key Protocol. In: Pandya, P.K., Radhakrishnan, J. (eds.) FSTTCS 2003. LNCS, vol. 2914, pp. 1–12. Springer, Heidelberg (2003)
  7. Backes, M., Pfitzmann, B.: Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library. In: CSFW 2004, pp. 204–218 (2004)
  8. Backes, M., Pfitzmann, B.: Limits of the cryptographic realization of Dolev-Yao-style XOR. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 178–196. Springer, Heidelberg (2005)
  9. Backes, M., Pfitzmann, B.: Relating Symbolic and Cryptographic Secrecy. In: IEEE S&P 2005, pp. 171–182 (2005)
  10. Backes, M., Pfitzmann, B.: On the cryptographic key secrecy of the strengthened Yahalom protocol. In: SEC 2006 (IFIP 201), pp. 233–245 (2006)
  11. Backes, M., Pfitzmann, B., Waidner, M.: Symmetric authentication within a simulatable cryptographic library. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 271–290. Springer, Heidelberg (2003)
  12. Backes, M., Pfitzmann, B., Waidner, M.: A Universally Composable Cryptographic Library. In: ACM CCS 2003, pp. 220–230 (2003)
  13. Backes, M., Pfitzmann, B., Waidner, M.: A General Composition Theorem for Secure Reactive Systems. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 336–354. Springer, Heidelberg (2004)
  14. Backes, M., Pfitzmann, B., Waidner, M.: Limits of the BRSIM/UC soundness of Dolev-Yao models with hashes. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 404–423. Springer, Heidelberg (2006)
  15. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A Concrete Security Treatment of Symmetric Encryption. In: FOCS 1997, pp. 394–403 (1997)
  16. Bellare, M., Rogaway, P.: The security of triple encryption and a framework for code-based game-playing proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409–426. Springer, Heidelberg (2006)
  17. Blanchet, B.: A computationally sound mechanized prover for security protocols. In: IEEE S&P 2006, pp. 140–154 (2006)
  18. Blanchet, B.: Computationally sound mechanized proofs of correspondence assertions. In: CSF 2007, pp. 97–111 (2007)
  19. Canetti, R.: A unified framework for analyzing security of protocols. In: ECCC, vol. 8(16) (2001)
  20. Canetti, R.: Universally Composable Security: A New Paradigm for Cryptographic Protocols. In: FOCS 2001, pp. 136–145 (2001)
  21. Damgård, I.: Efficient Concurrent Zero-Knowledge in the Auxiliary String Model. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 424–436. Springer, Heidelberg (2000)
  22. Damgård, I., Jurik, M.: A generalisation, a simplification and some applications of Paillier's probabilistic public-key system. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 119–136. Springer, Heidelberg (2001)
  23. Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory IT-29(12), 198–208 (1983)
  24. Fouque, P.-A., Pointcheval, D.: Threshold Cryptosystems Secure against Chosen-Ciphertext Attacks. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 351–368. Springer, Heidelberg (2001)
  25. Fouque, P.-A., Poupard, G., Stern, J.: Sharing decryption in the context of voting or lotteries. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 90–104. Springer, Heidelberg (2001)
  26. Goldreich, O.: Foundations of Cryptography. Volume 1 - Basic Tools. Cambridge University Press, Cambridge (2001)
  27. Groth, J.: Evaluating security of voting schemes in the universal composability framework. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 46–60. Springer, Heidelberg (2004)
  28. Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for NP. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339–358. Springer, Heidelberg (2006)
  29. Laud, P.: Symmetric encryption in automatic analyses for confidentiality against active adversaries. In: IEEE S&P 2004, pp. 71–85 (2004)
  30. Laud, P.: Secrecy Types for a Simulatable Cryptographic Library. In: ACM CCS 2005, pp. 26–35 (2005)
  31. Laud, P., Ngo, L.: Threshold Homomorphic Encryption in the Universally Composable Cryptographic Library. Cryptology ePrint Archive, Report 2008/367 (2008)
  32. Lipmaa, H.: Secure electronic voting protocols. In: The Handbook of Information Security. John Wiley & Sons, Chichester (2006)
  33. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)
  34. Pfitzmann, B., Waidner, M.: A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission. In: IEEE S&P 2001, pp. 184–200 (2001)
  35. Sprenger, C., Backes, M., Basin, D.A., Pfitzmann, B., Waidner, M.: Cryptographically sound theorem proving. In: CSFW 2006, pp. 153–166 (2006)
  36. Tšahhirov, I., Laud, P.: Application of dependency graphs to security protocol analysis. In: Barthe, G., Fournet, C. (eds.) TGC 2007. LNCS, vol. 4912, pp. 294–311. Springer, Heidelberg (2008)
  37. Wikström, D.: Universally composable DKG with linear number of exponentiations. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 263–277. Springer, Heidelberg (2005)

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Peeter Laud (1, 2)
  • Long Ngo (1)

  1. Tartu University, Estonia
  2. Cybernetica AS, Estonia
