Composable Security in the Tamper-Proof Hardware Model Under Minimal Complexity

  • Carmit Hazay
  • Antigoni Polychroniadou
  • Muthuramakrishnan Venkitasubramaniam
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9985)

Abstract

We put forth a new formulation of tamper-proof hardware in the Global Universal Composable (GUC) framework introduced by Canetti et al. in TCC 2007. Almost all of the previous works rely on the formulation by Katz in Eurocrypt 2007 and this formulation does not fully capture tokens in a concurrent setting. We address these shortcomings by relying on the GUC framework where we make the following contributions:
  1. We construct secure Two-Party Computation (2PC) protocols for general functionalities with optimal round complexity and computational assumptions using stateless tokens. More precisely, we show how to realize arbitrary functionalities in the two-party setting with GUC security in two rounds under the minimal assumption of One-Way Functions (OWFs). Moreover, our construction relies on the underlying function in a black-box way. As a corollary, we obtain feasibility of Multi-Party Computation (MPC) with GUC-security under the minimal assumption of OWFs. As an independent contribution, we identify an issue with a claim in a previous work by Goyal, Ishai, Sahai, Venkatesan and Wadia in TCC 2010 regarding the feasibility of UC-secure computation with stateless tokens assuming collision-resistant hash-functions (and the extension based only on one-way functions).

  2. We then construct a 3-round MPC protocol to securely realize arbitrary functionalities with GUC-security starting from any semi-honest secure MPC protocol. For this construction, we require the so-called one-many commit-and-prove primitive introduced in the original work of Canetti, Lindell, Ostrovsky and Sahai in STOC 2002 that is round-efficient and black-box in the underlying commitment. Using specially designed "input-delayed" protocols we realize this primitive (with a 3-round protocol in our framework) using stateless tokens and one-way functions (where the underlying one-way function is used in a black-box way).

Keywords

Secure computation, Tamper-proof hardware, Round complexity, Minimal assumptions

Copyright information

© International Association for Cryptologic Research 2016

Authors and Affiliations

  • Carmit Hazay (1)
  • Antigoni Polychroniadou (2)
  • Muthuramakrishnan Venkitasubramaniam (3)
  1. Bar-Ilan University, Ramat Gan, Israel
  2. Aarhus University, Aarhus, Denmark
  3. University of Rochester, Rochester, USA