Paper 2006/130

Simulatable Security and Polynomially Bounded Concurrent Composition

Dennis Hofheinz and Dominique Unruh

Abstract

Simulatable security is a security notion for multi-party protocols that implies strong composability features. The main definitional flavours of simulatable security are standard simulatability, universal simulatability, and black-box simulatability. All three come in "computational," "statistical" and "perfect" subflavours indicating the considered adversarial power. Universal and black-box simulatability, in all of their subflavours, are already known to guarantee that the concurrent composition even of a polynomial number of secure protocols stays secure. We show that computational standard simulatability does not allow for secure concurrent composition of polynomially many protocols, but we also show that statistical standard simulatability does. The first result assumes the existence of an interesting cryptographic tool (namely time-lock puzzles), and its proof employs a cryptographic multi-party computation in an interesting and unconventional way.

Metadata
Available format(s)
PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Short version accepted at IEEE SSP 2006. This is the full version.
Keywords
Reactive SimulatabilityUniversal Composabilityconcurrent composition
Contact author(s)
Dennis Hofheinz @ cwi nl
History
2006-04-03: received
Short URL
https://ia.cr/2006/130
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2006/130,
      author = {Dennis Hofheinz and Dominique Unruh},
      title = {Simulatable Security and Polynomially Bounded Concurrent Composition},
      howpublished = {Cryptology ePrint Archive, Paper 2006/130},
      year = {2006},
      note = {\url{https://eprint.iacr.org/2006/130}},
      url = {https://eprint.iacr.org/2006/130}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.