Communication complexity of secure computation (extended abstract)
STOC '92 Proceedings of the twenty-fourth annual ACM symposium on Theory of computing
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Universally Composable Protocols with Relaxed Set-Up Assumptions
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
Fairplay—a secure two-party computation system
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
A Framework for Efficient and Composable Oblivious Transfer
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A Proof of Security of Yao’s Protocol for Two-Party Computation
Journal of Cryptology
Security against covert adversaries: efficient protocols for realistic adversaries
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Efficient two party and multi party computation against covert adversaries
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Efficient Secure Two-Party Protocols: Techniques and Constructions
Efficient Secure Two-Party Protocols: Techniques and Constructions
From passive to covert security at low cost
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Hi-index | 0.00 |
We introduce the notion of covert security with public verifiability, building on the covert security model introduced by Aumann and Lindell (TCC 2007). Protocols that satisfy covert security guarantee that the honest parties involved in the protocol will notice any cheating attempt with some constant probability ε. The idea behind the model is that the fear of being caught cheating will be enough of a deterrent to prevent any cheating attempt. However, in the basic covert security model, the honest parties are not able to persuade any third party (say, a judge) that a cheating occurred. We propose (and formally define) an extension of the model where, when an honest party detects cheating, it also receives a certificate that can be published and used to persuade other parties, without revealing any information about the honest party's input. In addition, malicious parties cannot create fake certificates in the attempt of framing innocents. Finally, we construct a secure two-party computation protocol for any functionality f that satisfies our definition, and our protocol is almost as efficient as the one of Aumann and Lindell. We believe that the fear of a public humiliation or even legal consequences vastly exceeds the deterrent given by standard covert security. Therefore, even a small value of the deterrent factor ε will suffice in discouraging any cheating attempt.