Paper 2021/1175
Adaptive Security of Multi-Party Protocols, Revisited
Martin Hirt, Chen-Da Liu-Zhang, and Ueli Maurer
Abstract
The goal of secure multi-party computation (MPC) is to allow a set of parties to perform an arbitrary computation task, where the security guarantees depend on the set of parties that are corrupted. The more parties are corrupted, the less is guaranteed, and typically the guarantees are completely lost when the number of corrupted parties exceeds a certain corruption bound. Early and also many recent protocols are only statically secure in the sense that they provide no security guarantees if the adversary is allowed to choose adaptively which parties to corrupt. Security against an adversary with such a strong capability is often called adaptive security and a significant body of literature is devoted to achieving adaptive security, which is known as a difficult problem. In particular, a main technical obstacle in this context is the so-called ``commitment problem'', where the simulator is unable to consistently explain the internal state of a party with respect to its pre-corruption outputs. As a result, protocols typically resort to the use of cryptographic primitives like non-committing encryption, incurring a substantial efficiency loss. This paper provides a new, clean-slate treatment of adaptive security in MPC, exploiting the specification concept of constructive cryptography (CC). A new natural security notion, called CC-adaptive security, is proposed, which is technically weaker than standard adaptive security but nevertheless captures security against a fully adaptive adversary. Known protocol examples separating between adaptive and static security are also insecure in our notion. Moreover, our notion avoids the commitment problem and thereby the need to use non-committing or equivocal tools. We exemplify this by showing that the protocols by Cramer, Damgard and Nielsen (EUROCRYPT'01) for the honest majority setting, and (the variant without non-committing encryption) by Canetti, Lindell, Ostrovsky and Sahai (STOC'02) for the dishonest majority setting, achieve CC-adaptive security. The latter example is of special interest since all UC-adaptive protocols in the dishonest majority setting require some form of non-committing or equivocal encryption.
Metadata
- Available format(s)
- Category
- Foundations
- Publication info
- A minor revision of an IACR publication in TCC 2021
- Keywords
- Multi-party protocolsdefinitionscomposability
- Contact author(s)
-
cliuzhan @ andrew cmu edu
hirt @ inf ethz ch
maurer @ inf ethz ch - History
- 2022-01-30: revised
- 2021-09-14: received
- See all versions
- Short URL
- https://ia.cr/2021/1175
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/1175, author = {Martin Hirt and Chen-Da Liu-Zhang and Ueli Maurer}, title = {Adaptive Security of Multi-Party Protocols, Revisited}, howpublished = {Cryptology {ePrint} Archive, Paper 2021/1175}, year = {2021}, url = {https://eprint.iacr.org/2021/1175} }