Cryptology ePrint Archive: Report 2013/205

Practical and Employable Protocols for UC-Secure Circuit Evaluation over $Z_n$

Jan Camenisch and Robert R. Enderlein and Victor Shoup

Abstract: We present a set of new, efficient, universally composable two-party protocols for evaluating reactive arithmetic circuits modulo n, where n is a safe RSA modulus of unknown factorization. Our protocols are based on a homomorphic encryption scheme with message space $Z_n$, zero-knowledge proofs of existence, and a novel "mixed" trapdoor commitment scheme. Our protocols are proven secure against adaptive corruptions (assuming secure erasures) under standard assumptions in the CRS model (without random oracles). Our protocols appear to be the most efficient ones that satisfy these security requirements. In contrast to prior protocols, we provide facilities that allow for the use of our protocols as building blocks of higher-level protocols. An additional contribution of this paper is a universally composable construction of the variant of the Dodis-Yampolskiy oblivious pseudorandom function in a group of order n as originally proposed by Jarecki and Liu.

Category / Keywords: cryptographic protocols / Two-party computation, Practical Protocols, UC-Security

Publication Info: In submission at ESORICS 2013

Date: received 9 Apr 2013

Contact author: enr at zurich ibm com

Available formats: PDF | BibTeX Citation

Version: 20130414:060204 (All versions of this report)

Discussion forum: Show discussion | Start new discussion