Our security definition follows the standard ideal/real world simulation paradigm (with no super-polynomial simulation, etc.). There is no a priori bound on the number of concurrent executions.
We show interesting extensions of our positive results to the more general setting where the honest parties may choose different inputs in different sessions (even adaptively), the roles that the parties assume in the protocol may be interchangeable, etc. We also put forward a conjecture that we call the bounded pseudoentropy conjecture.
Prior to our work, the only positive results known in the plain model in the fully concurrent setting were for zero-knowledge.
Category / Keywords: cryptographic protocols
Publication Info: FOCS 2012
Date: received 6 Nov 2011, last revised 11 Sep 2012
Contact author: vipul at microsoft com
Version: 20120911:134416
Short URL: ia.cr/2011/602