A Zero-One Law for Cryptographic Complexity with Respect to Computational UC Security

  • Hemanta K. Maji
  • Manoj Prabhakaran
  • Mike Rosulek
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6223)


It is well-known that most cryptographic tasks do not have universally composable (UC) secure protocols, if no trusted setup is available in the framework. On the other hand, if a task like fair coin-tossing is available as a trusted setup, then all cryptographic tasks have UC-secure protocols. What other trusted setups allow UC-secure protocols for all tasks? More generally, given a particular setup, what tasks have UC-secure protocols?

We show that, surprisingly, every trusted setup is either useless (equivalent to having no trusted setup) or all-powerful (allows UC-secure protocols for all tasks). There are no “intermediate” trusted setups in the UC framework. We prove this zero-one law under a natural intractability assumption, and consider the class of deterministic, finite, 2-party functionalities as candidate trusted setups.

One important technical contribution in this work is to initiate the comprehensive study of the cryptographic properties of reactive functionalities. We model these functionalities as finite automata and develop an automata-theoretic methodology for classifying and studying their cryptographic properties. Consequently, we completely characterize the reactive behaviors that lead to cryptographic non-triviality. Another contribution of independent interest is to optimize the hardness assumption used by Canetti et al. (STOC 2002) in showing that the common random string functionality is complete (a result independently obtained by Damgård et al. (TCC 2010)).


  1. 1.
    Proc. 30th FOCS. IEEE, Los Alamitos (1989)Google Scholar
  2. 2.
    Beaver, D.: Perfect privacy for two-party protocols. In: Feigenbaum, J., Merritt, M. (eds.) Proceedings of DIMACS Workshop on Distributed Computing and Cryptography, vol. 2, pp. 65–77. American Mathematical Society, Providence (1989)Google Scholar
  3. 3.
    Beimel, A., Malkin, T., Micali, S.: The all-or-nothing nature of two-party secure computation. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 80–97. Springer, Heidelberg (1999)Google Scholar
  4. 4.
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. Electronic Colloquium on Computational Complexity (ECCC) TR01- 016, 2001. Previous version. A unified framework for analyzing security of protocols” availabe at the ECCC archive TR01-016. Extended abstract in FOCS (2001)Google Scholar
  5. 5.
    Canetti, R., Fischlin, M.: Universally composable commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 19. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Canetti, R., Kushilevitz, E., Lindell, Y.: On the limitations of universally composable two-party computation without set-up assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)Google Scholar
  7. 7.
    Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable twoparty computation. In: Proc. 34th STOC, pp. 494–503. ACM, New York (2002)Google Scholar
  8. 8.
    Chor, B., Kushilevitz, E.: A zero-one law for boolean privacy (extended abstract). In: STOC, pp. 62–72. ACM, New York (1989)Google Scholar
  9. 9.
    Damgård, I., Nielsen, J.B., Orlandi, C.: On the necessary and sufficient assumptions for UC computation. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 109–127. Springer, Heidelberg (2010)Google Scholar
  10. 10.
    Goldreich, O.: Foundations of Cryptography: Basic Tools. Cambridge University Press, Cambridge (2001), Earlier version available on, http://www.wisdom.weizmann.ac.il/~oded/frag.html
  11. 11.
    Goldreich, O.: Foundations of Cryptography: Basic Applications. Cambridge University Press, Cambridge (2004)MATHGoogle Scholar
  12. 12.
    Goldreich, O., Micali, S., Wigderson, A.: How to play ANY mental game. In: ACM (ed.) Proc. 19th STOC, pp. 218–229. ACM, New York (1987), See 11, Chap. 7 for more detailsGoogle Scholar
  13. 13.
    Harnik, D., Naor, M., Reingold, O., Rosen, A.: Completeness in two-party secure computation: A computational view. J. Cryptology 19(4), 521–552 (2006)MATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999); Preliminary versions appeared in STOC 1989 and STOC 1990Google Scholar
  15. 15.
    Impagliazzo, R.: A personal view of average-case complexity. In: Structure in Complexity Theory Conference, pp. 134–147 (1995)Google Scholar
  16. 16.
    Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography (extended abstract). In: Proc. 30th FOCS [1], pp. 230–235Google Scholar
  17. 17.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer - efficiently. In: Wagner (ed.) [32], pp. 572–591Google Scholar
  18. 18.
    Kilian, J.: Founding cryptography on oblivious transfer. In: STOC, pp. 20–31. ACM, New York (1988)Google Scholar
  19. 19.
    Kilian, J.: A general completeness theorem for two-party games. In: STOC, pp. 553–560. ACM, New York (1991)Google Scholar
  20. 20.
    Kilian, J.: More general completeness theorems for secure two-party computation. In: Proc. 32th STOC, pp. 316–324. ACM, New York (2000)Google Scholar
  21. 21.
    Kilian, J., Kushilevitz, E., Micali, S., Ostrovsky, R.: Reducibility and completeness in private computations. SIAM J. Comput. 29(4), 1189–1208 (2000)MATHCrossRefMathSciNetGoogle Scholar
  22. 22.
    Kraschewski, D., Müller-Quade, J.: Completeness theorems with constructive proofs for symmetric, asymmetric and general 2-party-functions, 2008 (2008) (Unpublished Manuscript), http://iks.ira.uka.de/eiss/completeness
  23. 23.
    Künzler, R., Müller-Quade, J., Raub, D.: Secure computability of functions in the it setting with dishonest majority and applications to long-term security (2009)Google Scholar
  24. 24.
    Kushilevitz, E.: Privacy and communication complexity. In: FOCS [1], pp. 416–421Google Scholar
  25. 25.
    Maji, H.K., Prabhakaran, M., Rosulek, M.: Complexity of multi-party computation problems: The case of 2-party symmetric secure function evaluation. In: Reingold (ed.) [31], pp. 256–273Google Scholar
  26. 26.
    Maji, H.K., Prabhakaran, M., Rosulek, M.: Cryptographic complexity classes and computational intractability assumptions. In: Yao, A.C.-C. (ed.) Innovations in Computer Science, pp. 266–289. Tsinghua University Press, Beijing (2010)Google Scholar
  27. 27.
    Naor, M.: Bit commitment using pseudorandomness 4(2), 151–158 (1991), Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 128–136. Springer, Heidelberg (1990)Google Scholar
  28. 28.
    Nguyen, M.-H., Vadhan, S.P.: Zero knowledge with efficient provers. In: STOC, pp. 287–295. ACM, New York (2006)Google Scholar
  29. 29.
    Prabhakaran, M.: New Notions of Security. PhD thesis, Department of Computer Science, Princeton University (2005)Google Scholar
  30. 30.
    Prabhakaran, M., Rosulek, M.: Cryptographic complexity of multi-party computation problems: Classifications and separations. In: Wagner (ed.) [32], pp. 262–279Google Scholar
  31. 31.
    Reingold, O. (ed.): TCC 2009. LNCS, vol. 5444. Springer, Heidelberg (2009)MATHGoogle Scholar
  32. 32.
    Wagner, D. (ed.): CRYPTO 2008. LNCS, vol. 5157. Springer, Heidelberg (2008)MATHGoogle Scholar
  33. 33.
    Yao, A.C.: How to generate and exchange secrets. In: Proc. 27th FOCS, pp. 162–167. IEEE, Los Alamitos (1986)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Hemanta K. Maji
    • 1
  • Manoj Prabhakaran
    • 1
  • Mike Rosulek
    • 2
  1. 1.Department of Computer ScienceUniversity of Illinois, Urbana-Champaign 
  2. 2.Department of Computer ScienceUniversity of Montana 

Personalised recommendations