Paper 2007/334

New Constructions for UC Secure Computation using Tamper-proof Hardware

Nishanth Chandran, Vipul Goyal, and Amit Sahai

Abstract

The Universal Composability framework was introduced by Canetti to study the security of protocols which are concurrently executed with other protocols in a network environment. Unfortunately it was shown that in the so called plain model, a large class of functionalities cannot be securely realized. These severe impossibility results motivated the study of other models involving some sort of setup assumptions, where general positive results can be obtained. Until recently, all the setup assumptions which were proposed required some trusted third party (or parties). Katz recently proposed using a \emph{physical setup} to avoid such trusted setup assumptions. In his model, the physical setup phase includes the parties exchanging tamper proof hardware tokens implementing some functionality. The tamper proof hardware is modeled so as to assume that the receiver of the token can do nothing more than observe its input/output characteristics. It is further assumed that the sender \emph{knows} the program code of the hardware token which it distributed. Based on the DDH assumption, Katz gave general positive results for universally composable multi-party computation tolerating any number of dishonest parties making this model quite attractive. In this paper, we present new constructions for UC secure computation using tamper proof hardware (in a stronger model). Our results represent an improvement over the results of Katz in several directions using substantially different techniques. Interestingly, our security proofs do not rely on being able to rewind the hardware tokens created by malicious parties. This means that we are able to relax the assumptions that the parties \emph{know} the code of the hardware token which they distributed. This allows us to model real life attacks where, for example, a party may simply pass on the token obtained from one party to the other without actually knowing its functionality. Furthermore, our construction models the interaction with the tamper-resistant hardware as a simple request-reply protocol. Thus, we show that the hardware tokens used in our construction can be \emph{resettable}. In fact, it suffices to use token which are completely stateless (and thus cannot execute a multi-round protocol). Our protocol is also based on general assumptions (namely enhanced trapdoor permutations).

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Eurocrypt 2008
Contact author(s)
vipul @ microsoft com
History
2010-10-07: last of 4 revisions
2007-08-28: received
See all versions
Short URL
https://ia.cr/2007/334
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/334,
      author = {Nishanth Chandran and Vipul Goyal and Amit Sahai},
      title = {New Constructions for UC Secure Computation using Tamper-proof Hardware},
      howpublished = {Cryptology ePrint Archive, Paper 2007/334},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/334}},
      url = {https://eprint.iacr.org/2007/334}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.