Paper 2021/1562

Concurrently Composable Non-Interactive Secure Computation

Andrew Morgan and Rafael Pass


We consider the feasibility of non-interactive secure two-party computation (NISC) in the plain model satisfying the notion of superpolynomial-time simulation (SPS). While stand-alone secure SPS-NISC protocols are known from standard assumptions (Badrinarayanan et al., Asiacrypt 2017), it has remained an open problem to construct a concurrently composable SPS-NISC. Prior to our work, the best protocols require 5 rounds (Garg et al., Eurocrypt 2017), or 3 simultaneous-message rounds (Badrinarayanan et al., TCC 2017). In this work, we demonstrate the first concurrently composable SPS-NISC. Our construction assumes the existence of: - a non-interactive (weakly) CCA-secure commitment, - a stand-alone secure SPS-NISC with subexponential security, and satisfies the notion of "angel-based" UC security (i.e., UC with a superpolynomial-time helper) with perfect correctness. We additionally demonstrate that both of the primitives we use (albeit only with polynomial security) are necessary for such concurrently composable SPS-NISC with perfect correctness. As such, our work identifies essentially necessary and sufficient primitives for concurrently composable SPS-NISC with perfect correctness in the plain model.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
secure computationtwo-party computationnon-interactivecomposableconcurrent securityUC security
Contact author(s)
asmorgan @ cs cornell edu
2021-11-29: received
Short URL
Creative Commons Attribution


      author = {Andrew Morgan and Rafael Pass},
      title = {Concurrently Composable Non-Interactive Secure Computation},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1562},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.