Abstract
We revisit the problem of universally composable (UC) secure multiparty computation in the stateless hardware token model.
- We construct a three-round multi-party computation protocol for general functions based on one-way functions, where each party sends two tokens to every other party. Relaxing to the two-party case, we also construct a two-round protocol based on one-way functions where each party sends a single token to the other party and, at the end of the protocol, both parties learn the output.
- One of the key components in the above constructions is a new two-round oblivious transfer protocol based on one-way functions that uses only one token, which can be reused an unbounded polynomial number of times.
All prior constructions required either stronger complexity assumptions, a larger number of rounds, or a larger number of tokens.
S. Badrinarayanan—Research supported in part by the IBM PhD Fellowship.
A. Jain—Research supported in part by NSF SaTC grant 1814919 and DARPA Safeware grant W911NF-15-C-0213.
R. Ostrovsky—Research supported in part by NSF-BSF Grant 1619348, DARPA/SPAWAR N66001-15-C-4065, ODNI/IARPA 2019-1902070008, US-Israel BSF grant 2012366, JP Morgan Faculty Award, OKAWA Foundation Research Award, IBM Faculty Research Award, Xerox Faculty Research Award, B. John Garrick Foundation Award, Teradata Research Award, and Lockheed-Martin Corporation Research Award. The views expressed are those of the authors and do not reflect the position of the Department of Defense or the U.S. Government.
I. Visconti—Research supported in part by the European Union’s Horizon 2020 research and innovation programme under grant agreement No 780477 (project PRIViLEDGE).
Notes
1. One-way functions are a necessary assumption in the stateless hardware token model, since an unbounded adversary can simply “learn” a stateless token [GIS+10].
2. This is the standard model for multiparty computation, where in each round every party simultaneously broadcasts a message to the other parties. However, a rushing adversary may wait to receive the honest parties' messages in any round before deciding its own message.
3. For simplicity, here we assume a non-interactive commitment scheme. In order to use a two-round commitment scheme based on one-way functions, we use the token \({\mathbf T} \) to generate the first commitment message.
4. Such argument systems can be constructed from one-way functions [COPV13].
5. An alternate proof strategy is for the simulator to directly extract the values \(\mathsf {r}_0\) and \(\mathsf {r}_1\) using the extractor of the RWIAOK, but we won't delve further into that.
6. To ease the exposition, we use non-interactive commitments that are based on injective one-way functions. We describe later how the protocol can be modified to use a two-round commitment scheme that relies only on one-way functions without increasing the round complexity of the protocol.
7. To ease the exposition, we use non-interactive commitments that are based on injective one-way functions. We describe later how the protocol can be modified to use a two-round commitment scheme that relies only on one-way functions without increasing the round complexity of the protocol.
8. To ease the exposition, we assume that \({\mathsf x} _k\) and \(\mathsf {r}_k\) are hardwired inside each token. Instead, we can have each party broadcast encrypted, signed versions of them, which are sent to the respective token along with the other messages.
References
Agrawal, S., Ananth, P., Goyal, V., Prabhakaran, M., Rosen, A.: Lower bounds in the hardware token model. In: TCC (2014)
Beaver, D.: Correlated pseudorandomness and the complexity of private computations. In: STOC (1996)
Barak, B., Goldreich, O., Goldwasser, S., Lindell, Y.: Resettably-sound zero-knowledge and its applications. In: FOCS (2001)
Badrinarayanan, S., Jain, A., Ostrovsky, R., Visconti, I.: Non-interactive secure computation from one-way functions. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 118–138. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03332-3_5
Bitansky, N., Paneth, O.: On the impossibility of approximate obfuscation and applications to resettable cryptography. In: STOC (2013)
Bitansky, N., Paneth, O.: On non-black-box simulation and the impossibility of approximate obfuscation. SIAM J. Comput. 44, 1325–1383 (2015)
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS (2001)
Canetti, R., Dodis, Y., Pass, R., Walfish, S.: Universally composable security with global setup. In: TCC (2007)
Canetti, R., Goldreich, O., Goldwasser, S., Micali, S.: Resettable zero-knowledge (extended abstract). In: STOC (2000)
Chandran, N., Goyal, V., Sahai, A.: New constructions for UC secure computation using tamper-proof hardware. In: EUROCRYPT (2008)
Canetti, R., Jain, A., Scafuro, A.: Practical UC security with a global random oracle. In: CCS (2014)
Choi, S.G., Katz, J., Schröder, D., Yerukhimovich, A., Zhou, H.-S.: (Efficient) universally composable oblivious transfer using a minimal number of stateless tokens. In: TCC (2014)
Chung, K.-M., Ostrovsky, R., Pass, R., Venkitasubramaniam, M., Visconti, I.: 4-round resettably-sound zero knowledge. In: TCC (2014)
Chung, K.-M., Ostrovsky, R., Pass, R., Visconti, I.: Simultaneous resettability from one-way functions. In: FOCS (2013)
Chung, K.-M., Pass, R., Seth, K.: Non-black-box simulation from one-way functions and applications to resettable security. In: STOC (2013)
Chung, K.-M., Pass, R., Seth, K.: Non-black-box simulation from one-way functions and applications to resettable security. SIAM J. Comput. 45(2), 415–458 (2016)
Döttling, N., Kraschewski, D., Müller-Quade, J.: Unconditional and composable security using a single stateful tamper-proof hardware token. In: TCC (2011)
Döttling, N., Kraschewski, D., Müller-Quade, J.: Statistically secure linear-rate dimension extension for oblivious affine function evaluation. In: ICITS (2012)
Döttling, N., Kraschewski, D., Müller-Quade, J., Nilges, T.: From stateful hardware to resettable hardware using symmetric assumptions. In: ProvSec (2015)
Döttling, N., Kraschewski, D., Müller-Quade, J., Nilges, T.: General statistically secure computation with bounded-resettable hardware tokens. In: TCC (2015)
Döttling, N., Mie, T., Müller-Quade, J., Nilges, T.: Implementing resettable UC-functionalities with untrusted tamper-proof hardware-tokens. In: TCC (2013)
Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33, 792–807 (1986)
Goyal, V., Ishai, Y., Sahai, A., Venkatesan, R., Wadia, A.: Founding cryptography on tamper-proof hardware tokens. In: TCC (2010)
Goldwasser, S., Kalai, Y.T., Rothblum, G.N.: One-time programs. In: CRYPTO (2008)
Hazay, C., Polychroniadou, A., Venkitasubramaniam, M.: Composable security in the tamper-proof hardware model under minimal complexity. In: Hirt, M., Smith, A. (eds.) TCC 2016. LNCS, vol. 9985, pp. 367–399. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53641-4_15
Hazay, C., Polychroniadou, A., Venkitasubramaniam, M.: Constant round adaptively secure protocols in the tamper-proof hardware model. In: PKC (2017)
Ishai, Y., Kushilevitz, E., Prabhakaran, M., Sahai, A.: Efficient non-interactive secure computation. In: EUROCRYPT (2011)
Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer - efficiently. In: CRYPTO (2008)
Katz, J.: Universally composable multi-party computation using tamper-proof hardware. In: EUROCRYPT (2007)
Kilian, J.: Founding cryptography on oblivious transfer. In: STOC (1988)
Kolesnikov, V.: Truly efficient string oblivious transfer using resettable tamper-proof tokens. In: TCC (2010)
Mechler, J., Müller-Quade, J., Nilges, T.: Universally composable (non-interactive) two-party computation from untrusted reusable hardware tokens. IACR Cryptol. ePrint Archive 2016, 615 (2016)
Moran, T., Segev, G.: David and goliath commitments: UC computation for asymmetric parties using tamper-proof hardware. In: EUROCRYPT (2008)
Naor, M.: Bit commitment using pseudorandomness. J. Cryptol. 4, 151–158 (1991)
Nilges, T.: The Cryptographic Strength of Tamper-Proof Hardware. PhD thesis, Karlsruhe Institute of Technology (2015)
Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: STOC (1990)
Yao, A.C.C.: How to generate and exchange secrets (extended abstract). In: FOCS (1986)
© 2019 International Association for Cryptologic Research
Cite this paper
Badrinarayanan, S., Jain, A., Ostrovsky, R., Visconti, I. (2019). UC-Secure Multiparty Computation from One-Way Functions Using Stateless Tokens. In: Galbraith, S., Moriai, S. (eds) Advances in Cryptology – ASIACRYPT 2019. ASIACRYPT 2019. Lecture Notes in Computer Science(), vol 11922. Springer, Cham. https://doi.org/10.1007/978-3-030-34621-8_21
DOI: https://doi.org/10.1007/978-3-030-34621-8_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34620-1
Online ISBN: 978-3-030-34621-8