Resource Fairness and Composability of Cryptographic Protocols
Identifieur interne : 000083 ( Main/Exploration ); précédent : 000082; suivant : 000084Resource Fairness and Composability of Cryptographic Protocols
Auteurs : Juan A. Garay [États-Unis] ; Philip Mackenzie [États-Unis] ; Manoj Prabhakaran [États-Unis] ; Ke Yang [États-Unis]Source :
- Journal of Cryptology [ 0933-2790 ] ; 2011-10-01.
English descriptors
- KwdEn :
Abstract
Abstract: We introduce the notion of resource-fair protocols. Informally, this property states that if one party learns the output of the protocol, then so can all other parties, as long as they expend roughly the same amount of resources. As opposed to previously proposed definitions related to fairness, our definition follows the standard simulation paradigm and enjoys strong composability properties. In particular, our definition is similar to the security definition in the universal composability (UC) framework, but works in a model that allows any party to request additional resources from the environment to deal with dishonest parties that may prematurely abort. In this model we specify the ideally fair functionality as allowing parties to “invest resources” in return for outputs, but in such an event offering all other parties a fair deal. (The formulation of fair dealings is kept independent of any particular functionality, by defining it using a “wrapper.”) Thus, by relaxing the notion of fairness, we avoid a well-known impossibility result for fair multi-party computation with corrupted majority; in particular, our definition admits constructions that tolerate arbitrary number of corruptions. We also show that, as in the UC framework, protocols in our framework may be arbitrarily and concurrently composed. Turning to constructions, we define a “commit-prove-fair-open” functionality and design an efficient resource-fair protocol that securely realizes it, using a new variant of a cryptographic primitive known as “time-lines.” With (the fairly wrapped version of) this functionality we show that some of the existing secure multi-party computation protocols can be easily transformed into resource-fair protocols while preserving their security.
Url:
DOI: 10.1007/s00145-010-9080-z
Affiliations:
Links toward previous steps (curation, corpus...)
- to stream Istex, to step Corpus: 000433
- to stream Istex, to step Curation: 000386
- to stream Istex, to step Checkpoint: 000077
- to stream Main, to step Merge: 000084
- to stream Main, to step Curation: 000083
Le document en format XML
<record><TEI wicri:istexFullTextTei="biblStruct"><teiHeader><fileDesc><titleStmt><title xml:lang="en">Resource Fairness and Composability of Cryptographic Protocols</title><author><name sortKey="Garay, Juan A" sort="Garay, Juan A" uniqKey="Garay J" first="Juan A." last="Garay">Juan A. Garay</name></author><author><name sortKey="Mackenzie, Philip" sort="Mackenzie, Philip" uniqKey="Mackenzie P" first="Philip" last="Mackenzie">Philip Mackenzie</name></author><author><name sortKey="Prabhakaran, Manoj" sort="Prabhakaran, Manoj" uniqKey="Prabhakaran M" first="Manoj" last="Prabhakaran">Manoj Prabhakaran</name></author><author><name sortKey="Yang, Ke" sort="Yang, Ke" uniqKey="Yang K" first="Ke" last="Yang">Ke Yang</name></author></titleStmt><publicationStmt><idno type="wicri:source">ISTEX</idno><idno type="RBID">ISTEX:930BABF39FBB2E3EAE04990275C702B3BC958C6D</idno><date when="2010" year="2010">2010</date><idno type="doi">10.1007/s00145-010-9080-z</idno><idno type="url">https://api.istex.fr/document/930BABF39FBB2E3EAE04990275C702B3BC958C6D/fulltext/pdf</idno><idno type="wicri:Area/Istex/Corpus">000433</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Corpus" wicri:corpus="ISTEX">000433</idno><idno type="wicri:Area/Istex/Curation">000386</idno><idno type="wicri:Area/Istex/Checkpoint">000077</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Checkpoint">000077</idno><idno type="wicri:doubleKey">0933-2790:2010:Garay J:resource:fairness:and</idno><idno type="wicri:Area/Main/Merge">000084</idno><idno type="wicri:Area/Main/Curation">000083</idno><idno type="wicri:Area/Main/Exploration">000083</idno></publicationStmt><sourceDesc><biblStruct><analytic><title level="a" type="main" xml:lang="en">Resource Fairness and Composability of Cryptographic Protocols</title><author><name sortKey="Garay, Juan A" sort="Garay, Juan A" uniqKey="Garay J" first="Juan A." last="Garay">Juan A. Garay</name><affiliation wicri:level="2"><country xml:lang="fr">États-Unis</country><wicri:regionArea>AT&T Labs—Research, Florham Park, NJ</wicri:regionArea><placeName><region type="state">New Jersey</region></placeName></affiliation><affiliation></affiliation></author><author><name sortKey="Mackenzie, Philip" sort="Mackenzie, Philip" uniqKey="Mackenzie P" first="Philip" last="Mackenzie">Philip Mackenzie</name><affiliation wicri:level="2"><country xml:lang="fr">États-Unis</country><wicri:regionArea>Google Inc., Mountain View, CA</wicri:regionArea><placeName><region type="state">Californie</region></placeName></affiliation><affiliation></affiliation></author><author><name sortKey="Prabhakaran, Manoj" sort="Prabhakaran, Manoj" uniqKey="Prabhakaran M" first="Manoj" last="Prabhakaran">Manoj Prabhakaran</name><affiliation wicri:level="2"><country xml:lang="fr">États-Unis</country><wicri:regionArea>Computer Science Department, University of Illinois at Urbana-Champaign, Urbana-Champaign, IL</wicri:regionArea><placeName><region type="state">Illinois</region></placeName></affiliation><affiliation wicri:level="1"><country wicri:rule="url">États-Unis</country></affiliation></author><author><name sortKey="Yang, Ke" sort="Yang, Ke" uniqKey="Yang K" first="Ke" last="Yang">Ke Yang</name><affiliation wicri:level="2"><country xml:lang="fr">États-Unis</country><wicri:regionArea>Google Inc., Mountain View, CA</wicri:regionArea><placeName><region type="state">Californie</region></placeName></affiliation><affiliation></affiliation></author></analytic><monogr></monogr><series><title level="j">Journal of Cryptology</title><title level="j" type="abbrev">J Cryptol</title><idno type="ISSN">0933-2790</idno><idno type="eISSN">1432-1378</idno><imprint><publisher>Springer-Verlag</publisher><pubPlace>New York</pubPlace><date type="published" when="2011-10-01">2011-10-01</date><biblScope unit="volume">24</biblScope><biblScope unit="issue">4</biblScope><biblScope unit="page" from="615">615</biblScope><biblScope unit="page" to="658">658</biblScope></imprint><idno type="ISSN">0933-2790</idno></series></biblStruct></sourceDesc><seriesStmt><idno type="ISSN">0933-2790</idno></seriesStmt></fileDesc><profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>Cryptographic protocols</term><term>Fairness</term><term>Secure multi-party computation</term><term>Security models and definitions</term><term>Universal composability</term></keywords></textClass><langUsage><language ident="en">en</language></langUsage></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">Abstract: We introduce the notion of resource-fair protocols. Informally, this property states that if one party learns the output of the protocol, then so can all other parties, as long as they expend roughly the same amount of resources. As opposed to previously proposed definitions related to fairness, our definition follows the standard simulation paradigm and enjoys strong composability properties. In particular, our definition is similar to the security definition in the universal composability (UC) framework, but works in a model that allows any party to request additional resources from the environment to deal with dishonest parties that may prematurely abort. In this model we specify the ideally fair functionality as allowing parties to “invest resources” in return for outputs, but in such an event offering all other parties a fair deal. (The formulation of fair dealings is kept independent of any particular functionality, by defining it using a “wrapper.”) Thus, by relaxing the notion of fairness, we avoid a well-known impossibility result for fair multi-party computation with corrupted majority; in particular, our definition admits constructions that tolerate arbitrary number of corruptions. We also show that, as in the UC framework, protocols in our framework may be arbitrarily and concurrently composed. Turning to constructions, we define a “commit-prove-fair-open” functionality and design an efficient resource-fair protocol that securely realizes it, using a new variant of a cryptographic primitive known as “time-lines.” With (the fairly wrapped version of) this functionality we show that some of the existing secure multi-party computation protocols can be easily transformed into resource-fair protocols while preserving their security.</div></front></TEI><affiliations><list><country><li>États-Unis</li></country><region><li>Californie</li><li>Illinois</li><li>New Jersey</li></region></list><tree><country name="États-Unis"><region name="New Jersey"><name sortKey="Garay, Juan A" sort="Garay, Juan A" uniqKey="Garay J" first="Juan A." last="Garay">Juan A. Garay</name></region><name sortKey="Mackenzie, Philip" sort="Mackenzie, Philip" uniqKey="Mackenzie P" first="Philip" last="Mackenzie">Philip Mackenzie</name><name sortKey="Prabhakaran, Manoj" sort="Prabhakaran, Manoj" uniqKey="Prabhakaran M" first="Manoj" last="Prabhakaran">Manoj Prabhakaran</name><name sortKey="Prabhakaran, Manoj" sort="Prabhakaran, Manoj" uniqKey="Prabhakaran M" first="Manoj" last="Prabhakaran">Manoj Prabhakaran</name><name sortKey="Yang, Ke" sort="Yang, Ke" uniqKey="Yang K" first="Ke" last="Yang">Ke Yang</name></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Mathematiques/explor/SophieGermainV1/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000083 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 000083 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Mathematiques
|area= SophieGermainV1
|flux= Main
|étape= Exploration
|type= RBID
|clé= ISTEX:930BABF39FBB2E3EAE04990275C702B3BC958C6D
|texte= Resource Fairness and Composability of Cryptographic Protocols
}}
| This area was generated with Dilib version V0.6.33. |  |