Brief announcement: impossibility results for concurrent secure two-party computation
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Bounded-concurrent secure multi-party computation with a dishonest majority
STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
New notions of security: achieving universal composability without trusted setup
STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
Concurrent general composition of secure protocols in the timing model
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
FOCS '05 Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science
Information-theoretically secure protocols and security under composition
Proceedings of the thirty-eighth annual ACM symposium on Theory of computing
ACM SIGACT news distributed computing column 24
ACM SIGACT News
The reactive simulatability (RSIM) framework for asynchronous systems
Information and Computation
Cryptographic Complexity of Multi-Party Computation Problems: Classifications and Separations
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A note on universal composable zero-knowledge in the common reference string model
Theoretical Computer Science
User-aided data authentication
International Journal of Security and Networks
A note on the feasibility of generalised universal composability†
Mathematical Structures in Computer Science
Efficient Concurrent npoly(logn)-Simulatable Argument of Knowledge
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Proceedings of the forty-first annual ACM symposium on Theory of computing
Adaptively Secure Two-Party Computation with Erasures
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Local Sequentiality Does Not Help for Concurrent Composition
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Polynomial runtime in simulatability definitions
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Long-term security and universal composability
TCC'07 Proceedings of the 4th conference on Theory of cryptography
On the necessity of rewinding in secure multiparty computation
TCC'07 Proceedings of the 4th conference on Theory of cryptography
TCC'07 Proceedings of the 4th conference on Theory of cryptography
A note on universal composable zero knowledge in common reference string model
TAMC'07 Proceedings of the 4th international conference on Theory and applications of models of computation
A note on the feasibility of generalized universal composability
TAMC'07 Proceedings of the 4th international conference on Theory and applications of models of computation
Obtaining universally compoable security: towards the bare bones of trust
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Public-key encryption with non-interactive opening
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
SAS-based group authentication and key agreement protocols
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Deniable internet key exchange
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
The security proof of a 4-way handshake protocol in IEEE 802.11i
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Efficiency preserving transformations for concurrent non-malleable zero knowledge
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Comparing two notions of simulatability
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Conditional reactive simulatability
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Generalized environmental security from number theoretic assumptions
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Resource fairness and composability of cryptographic protocols
TCC'06 Proceedings of the Third conference on Theory of Cryptography
On the (non-)equivalence of UC security notions
ProvSec'12 Proceedings of the 6th international conference on Provable Security
A unified framework for UC from only OT
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
| Hi-index | 0.00 |
Concurrent general composition relates to a setting where a secure protocol is run in a network concurrently with other, arbitrary protocols. Clearly, security in such a setting is what is desired, or even needed, in modern computer networks where many different protocols are executed concurrently. Canetti (FOCS 2001) introduced the notion of universal composability, and showed that security under this definition is sufficient for achieving concurrent generalcomposition. However, it is not known whether or not the opposite direction also holds.Our main result is a proof that security under concurrent general composition is equivalent to a relaxed variant of universal composability (where the only difference relates to the order of quantifiers in the definition). An important corollary of this theorem is that existing impossibilityresults for universal composability (or actually its relaxed variant) are inherent in any definition achieving security under concurrent general composition. In particular, there are large classes of two-party functionalities for which it is impossible to obtain protocols (in the plain model) thatremain secure under concurrent general composition. We stress that the impossibility results obtained are not "blackbox", and apply even to non-black-box simulation.Our main result also demonstrates that the definition of universal composability is somewhat "minimal", in that the composition guarantee provided by universal composability(almost) implies the definition itself. This indicates that the security definition of universal composability is not overly restrictive.