Paper 2006/277

On Expected Probabilistic Polynomial-Time Adversaries -- A suggestion for restricted definitions and their benefits

Oded Goldreich

Abstract

This paper concerns the possibility of developing a coherent theory of security when feasibility is associated with expected probabilistic polynomial-time (expected PPT). The source of difficulty is that the known definitions of expected PPT strategies (i.e., expected PPT interactive machines) do not support natural results of the type presented below. To overcome this difficulty, we suggest new definitions of expected PPT strategies, which are more restrictive than the known definitions (but nevertheless extend the notion of expected PPT non-interactive algorithms). We advocate the conceptual adequacy of these definitions, and point out their technical advantages. Specifically, identifying a natural subclass of black-box simulators, called normal, we prove the following two results: (1) Security proofs that refer to all strict PPT adversaries (and are proven via normal black-box simulators), extend to provide security with respect to all adversaries that satisfy the restricted definitions of expected PPT. (2) Security composition theorems of the type known for strict PPT hold for these restricted definitions of expected PPT, where security means simulation by normal black-box simulators. Specifically, a normal black-box simulator is required to make an expected polynomial number of steps, when given oracle access to any strategy, where each oracle call is counted as a single step. This natural property is satisfied by most known simulators and is easy to verify.

Metadata
Available format(s)
PS
Category
Foundations
Publication info
Published elsewhere. Will be posted also on ECCC
Keywords
Zero-Knowledge, secure multi-party computation, protocol composition, black-box simulation, reset attacks
Contact author(s)
oded goldreich @ weizmann ac il
History
2006-08-17: received
Short URL
https://ia.cr/2006/277
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2006/277,
      author = {Oded Goldreich},
      title = {On Expected Probabilistic Polynomial-Time Adversaries -- A suggestion for restricted definitions and their benefits},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/277},
      year = {2006},
      url = {https://eprint.iacr.org/2006/277}
}