Advertisement

Practical and Employable Protocols for UC-Secure Circuit Evaluation over ℤn

  • Jan Camenisch
  • Robert R. Enderlein
  • Victor Shoup
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8134)

Abstract

We present a set of new, efficient, universally composable two-party protocols for evaluating reactive arithmetic circuits modulo n, where n is a safe RSA modulus of unknown factorization. Our protocols are based on a homomorphic encryption scheme with message space ℤn, zero-knowledge proofs of existence, and a novel “mixed” trapdoor commitment scheme. Our protocols are proven secure against adaptive corruptions (assuming secure erasures) under standard assumptions in the CRS model (without random oracles). Our protocols appear to be the most efficient ones that satisfy these security requirements. In contrast to prior protocols, we provide facilities that allow for the use of our protocols as building blocks of higher-level protocols.

Keywords

Two-party computation Practical Protocols UC-Security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Babbage, S., Catalano, D., Cid, C., de Weger, B., Dunkelman, O., Gehrmann, C., Granboulan, L., Güneysu, T., Hermans, J., Lange, T., Lenstra, A., Mitchell, C., Näslund, M., Nguyen, P., Paar, C., Paterson, K., Pelzl, J., Pornin, T., Preneel, B., Rechberger, C., Rijmen, V., Robshaw, M., Rupp, A., Schläffer, M., Vaudenay, S., Vercauteren, F., Ward, M.: ECRYPT II Yearly Report on Algorithms and Keysizes (2011)Google Scholar
  2. 2.
    Bendlin, R., Damgård, I., Orlandi, C., Zakarias, S.: Semi-homomorphic Encryption and Multiparty Computation. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 169–188. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  3. 3.
    Camenisch, J., Casati, N., Gross, T., Shoup, V.: Credential Authenticated Identification and Key Exchange. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 255–276. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Camenisch, J., Enderlein, R.R., Shoup, V.: Practical Universally Composable Circuit Evaluation over Z n. IACR Cryptology ePrint Archive, 2013:205 (2013)Google Scholar
  5. 5.
    Camenisch, J., Krenn, S., Shoup, V.: A Framework for Practical Universally Composable Zero-Knowledge Protocols. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 449–467. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Camenisch, J., Shoup, V.: Practical Verifiable Encryption and Decryption of Discrete Logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 126–144. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Camenisch, J., Stadler, M.: Proof Systems for General Statements about Discrete Logarithms. Institute for Theoretical Computer Science, ETH Zürich, Tech. Rep., 260 (1997)Google Scholar
  8. 8.
    Canetti, R.: Universally Composable Security: A New Paradigm for Cryptographic Protocols. IACR Cryptology ePrint Archive, 2000:67 (2000)Google Scholar
  9. 9.
    Canetti, R., Fischlin, M.: Universally Composable Commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19–40. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Canetti, R., Halevi, S., Katz, J.: Adaptively-Secure, Non-interactive Public-Key Encryption. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 150–168. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Canetti, R., Kushilevitz, E., Lindell, Y.: On the Limitations of Universally Composable Two-Party Computation Without Set-Up Assumptions. J. Cryptology 19(2), 135–167 (2006)MathSciNetzbMATHCrossRefGoogle Scholar
  12. 12.
    Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally Composable Two-Party and Multi-Party Secure Computation. In: STOC, pp. 494–503 (2002)Google Scholar
  13. 13.
    Cramer, R., Damgård, I., Nielsen, J.B.: Multiparty Computation from Threshold Homomorphic Encryption. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 280–299. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Damgård, I., Jurik, M.: A Length-Flexible Threshold Cryptosystem with Applications. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 350–364. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Damgård, I., Keller, M.: Secure Multiparty AES. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 367–374. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Damgård, I., Keller, M., Larraia, E., Miles, C., Smart, N.P.: Implementing AES via an Actively/Covertly Secure Dishonest-Majority MPC Protocol. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 241–263. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  17. 17.
    Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical Covertly Secure MPC for Dishonest Majority – Or: Breaking the SPDZ Limits. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 1–18. Springer, Heidelberg (2013)Google Scholar
  18. 18.
    Damgård, I., Nielsen, J.B.: Universally Composable Efficient Multiparty Computation from Threshold Homomorphic Encryption. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 247–264. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  19. 19.
    Damgård, I., Orlandi, C.: Multiparty Computation for Dishonest Majority: From Passive to Active Security at Low Cost. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 558–576. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  20. 20.
    Damgård, I., Orlandi, C.: Multiparty Computation for Dishonest Majority: from Passive to Active Security at Low Cost. IACR Cryptology ePrint Archive, 2010:318 (2010)Google Scholar
  21. 21.
    Damgård, I., Pastro, V., Smart, N.P., Zakarias, S.: Multiparty Computation from Somewhat Homomorphic Encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  22. 22.
    Hofheinz, D., Shoup, V.: GNUC: A New Universal Composability Framework. IACR Cryptology ePrint Archive, 2011:303 (2011)Google Scholar
  23. 23.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Secure Arithmetic Computation with No Honest Majority. IACR Cryptology ePrint Archive, 2008:465 (2008)Google Scholar
  24. 24.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Secure Arithmetic Computation with No Honest Majority. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 294–314. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  25. 25.
    Jarecki, S., Liu, X.: Efficient Oblivious Pseudorandom Function with Applications to Adaptive OT and Secure Computation of Set Intersection. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 577–594. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  26. 26.
    Jarecki, S., Shmatikov, V.: Efficient Two-Party Secure Computation on Committed Inputs. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 97–114. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  27. 27.
    Kreuter, B., Shelat, A., Shen, C.: Towards Billion-Gate Secure Computation with Malicious Adversaries. IACR Cryptology ePrint Archive, 2012:179 (2012)Google Scholar
  28. 28.
    Küsters, R.: Simulation-Based Security with Inexhaustible Interactive Turing Machines. In: IEEE Computer Security Foundations Workshop, pp. 309–320 (2006)Google Scholar
  29. 29.
    Lindell, Y., Pinkas, B.: An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  30. 30.
    Lindell, Y., Pinkas, B., Smart, N.P.: Implementing Two-Party Computation Efficiently with Security Against Malicious Adversaries. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 2–20. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  31. 31.
    Maurer, U., Renner, R.: Abstract Cryptography. In: ICS, pp. 1–21 (2011)Google Scholar
  32. 32.
    Nielsen, J.B.: On Protocol Security in the Cryptographic Model. PhD thesis, BRICS, Computer Science Department, University of Aarhus (2003)Google Scholar
  33. 33.
    Nielsen, J.B., Nordholt, P.S., Orlandi, C., Burra, S.S.: A New Approach to Practical Active-Secure Two-Party Computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 681–700. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  34. 34.
    Nielsen, J.B., Orlandi, C.: LEGO for Two-Party Secure Computation. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 368–386. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  35. 35.
    Paillier, P.: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  36. 36.
    Pfitzmann, B., Waidner, M.: A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission. In: IEEE Security & Privacy, pp. 184–200 (2001)Google Scholar
  37. 37.
    Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure Two-Party Computation Is Practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  38. 38.
    Wagstaff Jr., S.S.: Greatest of the Least Primes in Arithmetic Progressions Having a Given Modulus. Mathematics of Computation 33(147), 1073–1080 (1979)MathSciNetzbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Jan Camenisch
    • 1
  • Robert R. Enderlein
    • 1
    • 2
  • Victor Shoup
    • 3
  1. 1.IBM Research - ZurichRüschlikonSwitzerland
  2. 2.Department of Computer ScienceETH ZürichZürichSwitzerland
  3. 3.Courant InstituteNew York UniversityNew YorkUSA

Personalised recommendations