Stanford vs. UC: The Big Game A. Datta, A. Derek, J. C. Mitchell, A. Ramanathan & A. Scedrov August 16, 2005.

Slides:



Advertisements
Similar presentations
Universally Composable Symbolic Analysis of Cryptographic Protocols
Advertisements

Perfect Non-interactive Zero-Knowledge for NP
Efficiency vs. Assumptions in Secure Computation Yuval Ishai Technion & UCLA.
Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:
Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.
New Publicly Verifiable Databases with Efficient Updates
The Complexity of Zero-Knowledge Proofs Salil Vadhan Harvard University.
Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.
11 Provable Security. 22 Given a ciphertext, find the corresponding plaintext.
Computational Security. Overview Goal: Obtain computational security against an active adversary. Hope: under a reasonable cryptographic assumption, obtain.
Cryptography and Network Security CSL 759 Shweta Agrawal.
Proving Segment Relationships Postulate The Ruler Postulate The points on any line or line segment can be paired with real numbers so that, given.
Nir Bitansky and Omer Paneth. Interactive Proofs.
3.3 Parallel and Perpendicular Lines To Relate Parallel and Perpendicular Lines.
Jens Groth BRICS, University of Aarhus Cryptomathic
Authentication in Mobile Ad-hoc Network (MANET) Student Ståle Jonny Berget Superviser Chik How Tan.
CS 395T Computational Soundness of Formal Models.
Impossibility Results for Concurrent Two-Party Computation Yehuda Lindell IBM T.J.Watson.
CS426Fall 2010/Lecture 351 Computer Security CS 426 Lecture 35 Commitment & Zero Knowledge Proofs.
Oblivious Transfer based on the McEliece Assumptions
Computationally Sound Symbolic Protocol Analysis: Correspondence Theorems 18739A: Foundations of Security and Privacy Anupam Datta CMU Fall
Proactive Secure Mobile Digital Signatures Work in progress. Ivan Damgård and Gert Læssøe Mikkelsen University of Aarhus.
Symbolic Logic for Complexity- theoretic Model of Security Protocols Anupam Datta Ante Derek John C. Mitchell Vitaly Shmatikov Mathieu Turuani May 5, 2005.
Unifying Equivalence-Based Definitions of Protocol Security A. Datta, R. Küsters, J. C. Mitchell, A. Ramanathan, V. Shmatikov Stanford University SRI International.
Foundations of Network and Computer Security J J ohn Black Lecture #8 Sep 15 th 2005 CSCI 6268/TLEN 5831, Fall 2005.
Overview of Cryptography Anupam Datta CMU Fall A: Foundations of Security and Privacy.
Jointly Restraining Big Brother: Using cryptography to reconcile privacy with data aggregation Ran Canetti IBM Research.
1 The Future of Cryptography Salil Vadhan Harvard University.
1 © IBM, A Reactively Secure Dolev-Yao-style Cryptographic Library DIMACS, June 2004 Michael Backes, Birgit Pfitzmann, Michael Waidner IBM Research,
Unifying Equivalence-Based Definitions of Protocol Security A. Datta, R. Küsters, J. C. Mitchell, A. Ramanathan, V. Shmatikov Stanford University SRI International.
Equivalence-Based Security Specifications A. Datta, R Küsters, J. Mitchell, A. Ramanathan, V. Shmatikov A. Scedrov, V. Teague, P. Mateus.
C ontract signing Rohit Chadha, John Mitchell, Andre Scedrov, Vitaly Shmatikov.
1. Outline 1. Background 1. Attacks on distance-bounding 2. Symmetric vs asymmetric protocol 3. Motivation: DBPK-Log 2. VSSDB 1. Building blocks 2. Protocol.
Universally Composable Symbolic Analysis of Security Protocols Jonathan Herzog (Joint work with Ran Canetti) 7 June 2004 The author's affiliation with.
Slide 1 Vitaly Shmatikov CS 380S Oblivious Transfer and Secure Multi-Party Computation With Malicious Parties.
3-4 Algebra Properties Used in Geometry The properties of operations of real numbers that you used in arithmetic and algebra can be applied in geometry.
IKP Secure Electronic Payment System Presented by Jinping Li.
Adaptively Secure Broadcast, Revisited
How to play ANY mental game
Computationally Sound Mechanized Proofs of Basic and Public-key Kerberos FormaCrypt meeting, Nov. 30, 2007 B. Blanchet 1, A. D. Jaggard 2, A. Scedrov 3,
Lecture 1: Introduction CS 6903: Modern Cryptography Spring 2009 Nitesh Saxena Polytechnic Institute of NYU.
Collusion-Free Multiparty Computation in the Mediated Model
CS 4/585: Cryptography Tom Shrimpton FAB
Christian Schaffner CWI Amsterdam, Netherlands Quantum Cryptography beyond Key Distribution Workshop on Post-Quantum Security Models Paris, France Tuesday,
A Linear Lower Bound on the Communication Complexity of Single-Server PIR Weizmann Institute of Science Israel Iftach HaitnerJonathan HochGil Segev.
Cryptography for Cloud Storage Service Kaoru Kurosawa Ibaraki University, Japan CRYPTOLOGY 2012, 4-6 June, Langkawi, Malaysia.
Cryptography In the Bounded Quantum-Storage Model Christian Schaffner, BRICS University of Århus, Denmark ECRYPT Autumn School, Bertinoro Wednesday, October.
Cryptography In the Bounded Quantum-Storage Model Christian Schaffner, BRICS University of Århus, Denmark 9 th workshop on QIP 2006, Paris Tuesday, January.
1 Reasoning about Concrete Security in Protocol Proofs A. Datta, J.Y. Halpern, J.C. Mitchell, R. Pucella, A. Roy.
A Quick Tour of Cryptographic Primitives Anupam Datta CMU Fall A: Foundations of Security and Privacy.
SPAR-MPC Day 1 Breakout Sessions Emily Shen 29 May 2014.
Christian Schaffner, PhD student NF-årsfest 2005 A A R H U S U N I V E R S I T E T DAIMI – Department of Computer Science BRICS – Basic Research in Computer.
Game-based composition for key exchange Cristina Brzuska, Marc Fischlin (University of Darmstadt) Nigel Smart, Bogdan Warinschi, Steve Williams (University.
On Simulation-Sound Trapdoor Commitments Phil MacKenzie, Bell Labs Ke Yang, CMU.
UC/Garbled Searchable Symmetric Encryption Kaoru Kurosawa Ibaraki University, Japan.
Universally Composable computation with any number of faults Ran Canetti IBM Research Joint works with Marc Fischlin, Yehuda Lindell, Rafi Ostrovsky, Tal.
Feasibility and Completeness of Cryptographic Tasks in the Quantum World Hong-Sheng Zhou (U. Maryland) Joint work with Jonathan Katz (U. Maryland) Fang.
Secure Computation (Lecture 9-10) Arpita Patra. Recap >> MPC with honest majority in i.t. settings > Protocol using (n,t)-sharing, proof of security---
Universally Composable Authentication and Key-exchange with Global PKI Ran Canetti (TAU and BU) Daniel Shahaf (TAU) Margarita Vald(TAU) PKC2016 Taipei,
Bit Commitment, Fair Coin Flips, and One-Way Accumulators Matt Ashoff 11/9/2004 Cryptographic Protocols.
Cryptography in the Bounded-Quantum-Storage Model Christian Schaffner BRICS, University of Aarhus PhD Defense Friday, April 27 th 2007.
Carmit Hazay (Bar-Ilan University, Israel)
Topic 14: Random Oracle Model, Hashing Applications
Semantic Security and Indistinguishability in the Quantum World
Introduction to Provable Security
Fiat-Shamir for Highly Sound Protocols is Instantiable
Games and the Impossibility of Realizable Ideal Functionality
Digital Signatures Reference: Pfleeger , Charles P., Security in Computing, 2nd Edition, Prentice Hall, /7/2019 Ref: Pfleeger96, Ch.4.
The “Modular” Approach
Presentation transcript:

Stanford vs. UC: The Big Game A. Datta, A. Derek, J. C. Mitchell, A. Ramanathan & A. Scedrov August 16, 2005

The Problem uSpecifying security of cryptographic primitives and protocols Games: –Between challenger and adversary –Defines specific moves for each player –Not composable UC: –Simulation relation between real protocol and ideal functionality, which is “secure by construction” –Composable uHow are these specification methods related?

What is an “ideal” functionality uProposal: Ideal functionality for a primitive should satisfy corresponding game-conditions information- theoretically uIntuition: “secure by construction” uExample: Bit-commitment – two games for hiding and binding properties

Impossibility Theorem uIf F is any ideal functionality for bit- commitment, then no real protocol UC- securely realizes F uIntuition: Can construct information- theoretically hiding and binding protocol for BC that does not use TTP uSimilarly, symmetric encryption, group signatures,…

Conclusions uBig Game results uDevelop other composable notions of security? Conditional composability as opposed to universal (restricted environments) Year Winner STANFORDUC?

Assume UC realization

Proof, phase 1 of

Proof, phase 2 of

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.