Universally Composable Commitments
نویسندگان
چکیده
We propose a new security measure for commitment protocols, called Universally Composable (UC) Commitment. The measure guarantees that commitment protocols behave like an “ideal commitment service,” even when concurrently composed with an arbitrary set of protocols. This is a strong guarantee: it implies that security is maintained even when an unbounded number of copies of the scheme are running concurrently, it implies non-malleability (not only with respect to other copies of the same protocol but even with respect to other protocols), it provides resilience to selective decommitment, and more. Unfortunately two-party uc commitment protocols do not exist in the plain model. However, we construct two-party uc commitment protocols, based on general complexity assumptions, in the common reference string model where all parties have access to a common string taken from a predetermined distribution. The protocols are non-interactive, in the sense that both the commitment and the opening phases consist of a single message from the committer to the receiver.
منابع مشابه
Non-interactive and Re-usable Universally Composable String Commitments with Adaptive Security
We present the first provably secure constructions of universally composable (UC) commitments (in pairing-friendly groups) that simultaneously combine the key properties of being non-interactive, supporting commitments to strings (instead of bits only), and offering reusability of the common reference string for multiple commitments. Our schemes are also adaptively secure assuming reliable eras...
متن کاملPerfect Hiding and Perfect Binding Universally Composable Commitment Schemes with Constant Expansion Factor
Canetti and Fischlin have recently proposed the security notion universal composability for commitment schemes and provided two examples. This new notion is very strong. It guarantees that security is maintained even when an unbounded number of copies of the scheme are running concurrently, also it guarantees non-malleability and security against adaptive adversaries. Both proposed schemes use ...
متن کاملUniversally Composable Commitments Using Random Oracles
In the setting of universal composability [Can01], commitments cannot be implemented without additional assumptions such as that of a publicly available common reference string [CF01]. Here, as an alternative to the commitments in the common reference string model, the use of random oracles to achieve universal composability of commitment protocols is motivated. Special emphasis is put on the s...
متن کاملHighly-Efficient Universally-Composable Commitments Based on the DDH Assumption
Universal composability (or UC security) provides very strong security guarantees for protocols that run in complex real-world environments. In particular, security is guaranteed to hold when the protocol is run concurrently many times with other secure and possibly insecure protocols. Commitment schemes are a basic building block in many cryptographic constructions, and as such universally com...
متن کاملUniversally Composable Security Concurrent Deniable Authentication Based on Witness Indistinguishable
A new approach and an idea for exploration are presented to the concurrent deniable authentication based on witness-indistinguishable (WI) within the framework of universally composable (UC) security. A definition of an ideal functionality for deniable authentication is formulated. A new deniable authentication protocol is proposed based on two primitives of the verifiably smooth projective Has...
متن کاملUniversally Composable Quantum Multi-party Computation
The Universal Composability model (UC) by Canetti (FOCS 2001) allows for secure composition of arbitrary protocols. We present a quantum version of the UC model which enjoys the same compositionality guarantees. We prove that in this model statistically secure oblivious transfer protocols can be constructed from commitments. Furthermore, we show that every statistically classically UC secure pr...
متن کامل