Paper 2006/153

On the Relationships Between Notions of Simulation-Based Security

Anupam Datta, Ralf Kuesters, John C. Mitchell, and Ajith Ramanathan


Several compositional forms of simulation-based security have been proposed in the literature, including universal composability, black-box simulatability, and variants thereof. These relations between a protocol and an ideal functionality are similar enough that they can be ordered from strongest to weakest according to the logical form of their definitions. However, determining whether two relations are in fact identical depends on some subtle features that have not been brought out in previous studies. We identify the position of a ``master process" in the distributed system, and some limitations on transparent message forwarding within computational complexity bounds, as two main factors. Using a general computational framework, called Sequential Probabilistic Process Calculus (SPPC), we clarify the relationships between the simulation-based security conditions. We also prove general composition theorems in SPPC. Many of the proofs are carried out based on a small set of equivalence principles involving processes and distributed systems. This gives us results that carry over to a variety of computational models.

Available format(s)
Publication info
Published elsewhere. An abridged version of this work has been published in TCC 2005.
simulation-based securityuniversal composabilityreactive simulatabilityblack-box simulatabilityprocess calculus
Contact author(s)
kuesters @ ti informatik uni-kiel de
2006-04-22: received
Short URL
Creative Commons Attribution


      author = {Anupam Datta and Ralf Kuesters and John C.  Mitchell and Ajith Ramanathan},
      title = {On the Relationships Between Notions of Simulation-Based Security},
      howpublished = {Cryptology ePrint Archive, Paper 2006/153},
      year = {2006},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.