Paper 2014/908

Practical UC security with a Global Random Oracle

Ran Canetti, Abhishek Jain, and Alessandra Scafuro


We show that there exist commitment, zero-knowledge and general function evaluation protocols with universally composable security, in a model where all parties and all protocols have access to a single, global, random oracle and no other trusted setup. This model provides significantly stronger composable security guarantees than the traditional random oracle model of Bellare and Rogaway [CCS’93] or even the common reference string model. Indeed, these latter models provide no security guarantees in the presence of arbitrary protocols that use the same random oracle (or reference string or hash function). Furthermore, our protocols are highly efficient. Specifically, in the interactive setting, our commitment and general computation protocols are much more efficient than the best known ones due to Lindell [Crypto’11,’13] which are secure in the common reference string model. In the non-interactive setting, our protocols are slightly less efficient than the best known ones presented by Afshar et al. [Eurocrypt ’14] but do away with the need to rely on a non-global (programmable) reference string.

Note: Full version.

Available format(s)
Publication info
Published elsewhere. MAJOR revision.ACM CCS 2014
Efficient Secure 2PCUC-securityGlobal Random Oracle.
Contact author(s)
alescafu @ gmail com
2014-11-16: last of 2 revisions
2014-11-05: received
See all versions
Short URL
Creative Commons Attribution


      author = {Ran Canetti and Abhishek Jain and Alessandra Scafuro},
      title = {Practical UC security with a Global Random Oracle},
      howpublished = {Cryptology ePrint Archive, Paper 2014/908},
      year = {2014},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.