Cryptology ePrint Archive: Report 2013/205

Practical and Employable Protocols for UC-Secure Circuit Evaluation over $Z_n$

Jan Camenisch and Robert R. Enderlein and Victor Shoup

Abstract: We present a set of new, efficient, universally composable two-party protocols for evaluating reactive arithmetic circuits modulo n, where n is a safe RSA modulus of unknown factorization. Our protocols are based on a homomorphic encryption scheme with message space $Z_n$, zero-knowledge proofs of existence, and a novel "mixed" trapdoor commitment scheme. Our protocols are proven secure against adaptive corruptions (assuming secure erasures) under standard assumptions in the CRS model (without random oracles). Our protocols appear to be the most efficient ones that satisfy these security requirements. In contrast to prior protocols, we provide facilities that allow for the use of our protocols as building blocks of higher-level protocols. An additional contribution of this paper is a universally composable construction of the variant of the Dodis-Yampolskiy oblivious pseudorandom function in a group of order n as originally proposed by Jarecki and Liu.

Category / Keywords: cryptographic protocols / Two-party computation, Practical Protocols, UC-Security

Publication Info: Accepted for publication at ESORICS 2013.

Date: received 9 Apr 2013, last revised 28 Jun 2013

Contact author: enr at zurich ibm com

Available format(s): PDF | BibTeX Citation

Note: This is the full version of a paper due to appear at the 18th European Symposium on Research in Computer Security (ESORICS 2013).

Version: 20130628:150349 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]