Bringing People of Different Beliefs Together to Do UC
Known constructions of UC secure protocols are based on the premise that different parties collectively agree on some trusted setup. In this paper, we consider the following two intriguing questions: Is it possible to achieve UC if the parties do not want to put all their trust in one entity (or more generally, in one setup)? What if the parties have a difference of opinion about what they are willing to trust? The first question has been studied in only a limited way, while the second has never been considered before.
We initiate a systematic study to answer the above questions. We consider a scenario with multiple setup instances where each party in the system has some individual belief (a setup assumption expressed in terms of the given setups). The belief of a party corresponds to what it is willing to trust, and its security is guaranteed provided that its belief “holds.” The question considered is: “Given some setups and the (possibly) different beliefs of all the parties, when can UC security be achieved?” We present a general condition on the setups and the beliefs of all the parties under which UC security is possible. Surprisingly, we show that when parties have different beliefs, UC security can be achieved with more limited “trust” than is necessary in the traditional setting (where all parties share a common belief).