Removing Erasures with Explainable Hash Proof Systems

  • Michel Abdalla
  • Fabrice Benhamouda
  • David Pointcheval
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10174)

Abstract

An important problem in secure multi-party computation is the design of protocols that can tolerate adversaries that are capable of corrupting parties dynamically and learning their internal states. In this paper, we make significant progress in this area in the context of password-authenticated key exchange (\(\textsf {PAKE}\)) and oblivious transfer (\(\textsf {OT}\)) protocols. More precisely, we first revisit the notion of projective hash proofs and introduce a new feature that allows us to explain any message sent by the simulator in case of corruption, hence the notion of Explainable Projective Hashing. Next, we demonstrate that this new tool generically leads to efficient \(\textsf {PAKE}\) and \(\textsf {OT}\) protocols that are secure against semi-adaptive adversaries without erasures in the Universal Composability (UC) framework. We then show how to make these protocols secure even against adaptive adversaries, using non-committing encryption, in a much more efficient way than generic conversions from semi-adaptive to adaptive security. Finally, we provide concrete instantiations of explainable projective hash functions that lead to the most efficient \(\textsf {PAKE}\) and \(\textsf {OT}\) protocols known so far, with UC-security against adaptive adversaries, without assuming reliable erasures, in the single global CRS setting.

As an important side contribution, we also propose a new commitment scheme based on \(\textsf {DDH}\), which leads to the construction of the first one-round \(\textsf {PAKE}\) adaptively secure under plain \(\textsf {DDH}\) without pairing, assuming reliable erasures, and also improves previous constructions of \(\textsf {OT}\) and two- or three-round \(\textsf {PAKE}\) schemes.

Keywords

Oblivious transfer; Password authenticated key exchange; Erasures; Universal composability; Adaptive adversaries

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  • Michel Abdalla (1)
  • Fabrice Benhamouda (2)
  • David Pointcheval (1)
  1. ENS, CNRS, INRIA, and PSL Research University, Paris, France
  2. IBM Research, Yorktown Heights, USA
