254 research outputs found
Composable Security in the Tamper Proof Hardware Model under Minimal Complexity
We put forth a new formulation of tamper-proof hardware in the Global Universal Composable (GUC) framework introduced by Canetti
et al. in TCC 2007. Almost all of the previous works rely on the formulation by Katz in Eurocrypt 2007 and this formulation does not fully capture tokens in a concurrent setting. We address these shortcomings by relying on the GUC framework where we make the following
contributions:
(1) We construct secure Two-Party Computation (2PC) protocols for general functionalities with optimal round complexity and
computational assumptions using stateless tokens. More precisely, we show how to realize arbitrary functionalities with GUC
security in two rounds under the minimal assumption of One-Way Functions (OWFs). Moreover, our construction relies on the
underlying function in a black-box way. As a corollary, we obtain feasibility of Multi-Party Computation (MPC) with GUC-security
under the minimal assumption of OWFs.
As an independent contribution, we identify an issue with a claim in a previous work by Goyal, Ishai, Sahai, Venkatesan and Wadia
in TCC 2010 regarding the feasibility of UC-secure computation with stateless tokens assuming collision-resistant hash-functions
(and the extension based only on one-way functions).
(2) We then construct a 3-round MPC protocol to securely realize arbitrary functionalities with GUC-security starting from any
semi-honest secure MPC protocol. For this construction, we require the so-called one-many commit-and-prove primitive introduced in
the original work of Canetti, Lindell, Ostrovsky and Sahai in STOC 2002 that is round-efficient and black-box in the underlying
commitment.
Using specially designed ``input-delayed\u27\u27 protocols we realize this primitive (with a 3-round protocol in our framework) using
stateless tokens and one-way functions (where the underlying one-way function is used in a black-box way)
Improved Black-Box Constructions of Composable Secure Computation
We close the gap between black-box and non-black-box constructions of secure multiparty computation in the plain model under the assumption of semi-honest oblivious transfer. The notion of protocol composition we target is security, or more precisely, security with super-polynomial helpers. In this notion, both the simulator and the adversary are given access to an oracle called an that can perform some predefined super-polynomial time task. Angel-based security maintains the attractive properties of the universal composition framework while providing meaningful security guarantees in complex environments without having to trust anyone.
Angel-based security can be achieved using non-black-box constructions in rounds where is the round-complexity of the semi-honest oblivious transfer. However, currently, the best known constructions under the same assumption require rounds. If is a constant, the gap between non-black-box and black-box constructions can be a multiplicative factor . We close this gap by presenting a -round black-box construction. We achieve this result by constructing constant-round 1-1 CCA-secure commitments assuming only black-box access to one-way functions
Composability in quantum cryptography
In this article, we review several aspects of composability in the context of
quantum cryptography. The first part is devoted to key distribution. We discuss
the security criteria that a quantum key distribution protocol must fulfill to
allow its safe use within a larger security application (e.g., for secure
message transmission). To illustrate the practical use of composability, we
show how to generate a continuous key stream by sequentially composing rounds
of a quantum key distribution protocol. In a second part, we take a more
general point of view, which is necessary for the study of cryptographic
situations involving, for example, mutually distrustful parties. We explain the
universal composability framework and state the composition theorem which
guarantees that secure protocols can securely be composed to larger
applicationsComment: 18 pages, 2 figure
QEnclave - A practical solution for secure quantum cloud computing
We introduce a secure hardware device named a QEnclave that can secure the
remote execution of quantum operations while only using classical controls.
This device extends to quantum computing the classical concept of a secure
enclave which isolates a computation from its environment to provide privacy
and tamper-resistance. Remarkably, our QEnclave only performs single-qubit
rotations, but can nevertheless be used to secure an arbitrary quantum
computation even if the qubit source is controlled by an adversary. More
precisely, attaching a QEnclave to a quantum computer, a remote client
controlling the QEnclave can securely delegate its computation to the server
solely using classical communication. We investigate the security of our
QEnclave by modeling it as an ideal functionality named Remote State Rotation.
We show that this resource, similar to previously introduced functionality of
remote state preparation, allows blind delegated quantum computing with perfect
security. Our proof relies on standard tools from delegated quantum computing.
Working in the Abstract Cryptography framework, we show a construction of
remote state preparation from remote state rotation preserving the security. An
immediate consequence is the weakening of the requirements for blind delegated
computation. While previous delegated protocols were relying on a client that
can either generate or measure quantum states, we show that this same
functionality can be achieved with a client that only transforms quantum states
without generating or measuring them.Comment: 25 pages, 5 figure
Constant Round Adaptively Secure Protocols in the Tamper-Proof Hardware Model
Achieving constant-round adaptively secure protocols (where all parties can be corrupted) in the plain model is a notoriously hard problem. Very recently, three works published in TCC 2015 (Dachman-Soled et al., Garg and Polychroniadou, Canetti et al.), solved the problem in the Common Reference String (CRS) model. In this work, we present a constant-round adaptive UC-secure computation protocol for all well-formed functionalities in the tamper-proof hardware model using stateless tokens from only one-way functions. In contrast, all prior works in the CRS model require very strong assumptions, in particular, the existence of indistinguishability obfuscation.
As a corollary to our techniques, we present the first adaptively secure protocols in the Random Oracle Model (ROM) with round complexity proportional to the depth of circuit implementing the functionality. Our protocols are secure in the Global Random Oracle Model introduced recently by Canetti, Jain and Scafuro in CCS 2014 that provides strong compositional guarantees. More precisely, we obtain an adaptively secure UC-commitment scheme in the global ROM assuming only one-way functions. In comparison, the protocol of Canetti, Jain and Scafuro achieves only static security and relies on the specific assumption of Discrete Diffie-Hellman assumption (DDH)
A Unified Approach to Constructing Black-box UC Protocols in Trusted Setup Models
We present a unified framework for obtaining black-box constructions of Universal Composable (UC) protocol in trusted setup models. Our result is analogous to the unified framework of Lin, Pass, and Venkitasubramaniam [STOC\u2709, Asiacrypt\u2712] that, however, only yields non-black-box constructions of UC protocols. Our unified framework shows that to obtain black-box constructions of UC protocols, it suffices to implement a special purpose commitment scheme that is, in particular, concurrently extractable using a given trusted setup. Using our framework, we improve black-box constructions in the common reference string and tamper-proof hardware token models by weakening the underlying computational and setup assumptions
The Cryptographic Strength of Tamper-Proof Hardware
Tamper-proof hardware has found its way into our everyday life in various forms, be it SIM cards, credit cards or passports. Usually, a cryptographic key is embedded in these hardware tokens that allows the execution of simple cryptographic operations, such as encryption or digital signing. The inherent security guarantees of tamper-proof hardware, however, allow more complex and diverse applications
Fortified Multi-Party Computation: Taking Advantage of Simple Secure Hardware Modules
In practice, there are numerous settings where mutually distrusting parties need to perform distributed computations on their private inputs.
For instance, participants in a first-price sealed-bid online auction do not want their bids to be disclosed.
This problem can be addressed using secure multi-party computation (MPC), where parties can evaluate a publicly known function on their private inputs by executing a specific protocol that only reveals the correct output, but nothing else about the private inputs.
Such distributed computations performed over the Internet are susceptible to remote hacks that may take place during the computation.
As a consequence, sensitive data such as private bids may leak.
All existing MPC protocols do not provide any protection against the consequences of such remote hacks.
We present the first MPC protocols that protect the remotely hacked parties’ inputs and outputs from leaking.
More specifically, unless the remote hack takes place before the party received its input or all parties are corrupted, a hacker is unable to learn the parties’ inputs and outputs, and is also unable to modify them.
We achieve these strong (privacy) guarantees by utilizing the fact that in practice parties may not be susceptible to remote attacks at every point in time, but only while they are online, i.e. able to receive messages.
To this end, we model communication via explicit channels.
In particular, we introduce channels with an airgap switch (disconnectable by the party in control of the switch), and unidirectional data diodes.
These channels and their isolation properties, together with very few, similarly simple and plausibly remotely unhackable hardware modules serve as the main ingredient for attaining such strong security guarantees.
In order to formalize these strong guarantees, we propose the UC with Fortified Security (UC#) framework, a variant of the Universal Composability (UC) framework
UC-Secure Multi-Session OT Using Tamper-Proof Hardware
In this paper, we show the first UC-secure {\it multi-session} OT protocol using tamper-proof hardware tokens. The sender and the receiver exchange tokens only at the beginning. Then these tokens are reused in arbitrarily many sessions of OT. The proposed scheme is UC-secure against static adversaries if the DDH assumption holds and a unique signature scheme exists. There exist a unique signature schemes under the Many DH assumption or under the DDHE assumption (in the standard model)
(Efficient) Universally Composable Oblivious Transfer Using a Minimal Number of Stateless Tokens
We continue the line of work initiated by Katz (Eurocrypt 2007) on using tamper-proof hardware tokens for universally composable secure computation. As our main result, we show an oblivious-transfer (OT) protocol in which two parties each create and exchange a single, stateless token and can then run an unbounded number of OTs. We also show a more efficient protocol, based only on standard symmetric-key primitives (block ciphers and collision-resistant hash functions), that can be used if a bounded number of OTs suffice.
Motivated by this result, we investigate the number of stateless tokens needed for universally composable OT. We prove that our protocol is optimal in this regard for constructions making black-box use of the tokens (in a sense we define). We also show that nonblack-box techniques can be used to obtain a construction using only a single stateless token
- …