Paper 2007/464
Secure Computation Without Authentication
Boaz Barak, Ran Canetti, Yehuda Lindell, Rafael Pass, and Tal Rabin
Abstract
Research on secure multiparty computation has mainly concentrated on the case where the parties can authenticate each other and the communication between them. This work addresses the question of what security can be guaranteed when authentication is not available. We consider a completely unauthenticated setting, where {\em all} messages sent by the parties may be tampered with and modified by the adversary without the uncorrupted parties being able to detect this fact. In this model, it is not possible to achieve the same level of security as in the authenticated-channel setting. Nevertheless, we show that meaningful security guarantees {\em can} be provided: Essentially, all the adversary can do is to partition the network into disjoint sets, where in each set the computation is secure in of itself, and also {\em independent} of the computation in the other sets. In this setting we provide, for the first time, non-trivial security guarantees in a model with {\em no setup assumptions whatsoever.} We also obtain similar results while guaranteeing universal composability, in some variants of the common reference string model. Finally, our protocols can be used to provide conceptually simple and unified solutions to a number of problems that were studied separately in the past, including password-based authenticated key exchange and non-malleable commitments. As an application of our results, we study the question of constructing secure protocols in partially-authenticated networks, where some of the links are authenticated and some are not (as is the case in most networks today).
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Preliminary version at Crypto 2005. Full version to appear at Journal of Cryptology.
- Keywords
- secure computationauthenticationsecure compositionpassword-based authentication
- Contact author(s)
- canetti @ csail mit edu
- History
- 2010-08-20: revised
- 2007-12-18: received
- See all versions
- Short URL
- https://ia.cr/2007/464
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2007/464, author = {Boaz Barak and Ran Canetti and Yehuda Lindell and Rafael Pass and Tal Rabin}, title = {Secure Computation Without Authentication}, howpublished = {Cryptology {ePrint} Archive, Paper 2007/464}, year = {2007}, url = {https://eprint.iacr.org/2007/464} }