Presentation is loading. Please wait.

Presentation is loading. Please wait.

Stanford vs. UC: The Big Game A. Datta, A. Derek, J. C. Mitchell, A. Ramanathan & A. Scedrov August 16, 2005.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Stanford vs. UC: The Big Game A. Datta, A. Derek, J. C. Mitchell, A. Ramanathan & A. Scedrov August 16, 2005."— Presentation transcript:

1 Stanford vs. UC: The Big Game A. Datta, A. Derek, J. C. Mitchell, A. Ramanathan & A. Scedrov August 16, 2005

2 The Problem uSpecifying security of cryptographic primitives and protocols Games: –Between challenger and adversary –Defines specific moves for each player –Not composable UC: –Simulation relation between real protocol and ideal functionality, which is “secure by construction” –Composable uHow are these specification methods related?

3 What is an “ideal” functionality uProposal: Ideal functionality for a primitive should satisfy corresponding game-conditions information- theoretically uIntuition: “secure by construction” uExample: Bit-commitment – two games for hiding and binding properties

4 Impossibility Theorem uIf F is any ideal functionality for bit- commitment, then no real protocol UC- securely realizes F uIntuition: Can construct information- theoretically hiding and binding protocol for BC that does not use TTP uSimilarly, symmetric encryption, group signatures,…

5 Conclusions uBig Game results uDevelop other composable notions of security? Conditional composability as opposed to universal (restricted environments) Year1996199719981999200020012002200320042005 Winner STANFORDUC?

6 Assume UC realization

7 Proof, phase 1 of

8 Proof, phase 2 of

Download ppt "Stanford vs. UC: The Big Game A. Datta, A. Derek, J. C. Mitchell, A. Ramanathan & A. Scedrov August 16, 2005."

Similar presentations

Universally Composable Symbolic Analysis of Cryptographic Protocols

Universally Composable Symbolic Analysis of Cryptographic Protocols
Perfect Non-interactive Zero-Knowledge for NP

Perfect Non-interactive Zero-Knowledge for NP
Efficiency vs. Assumptions in Secure Computation Yuval Ishai Technion & UCLA.

Efficiency vs. Assumptions in Secure Computation Yuval Ishai Technion & UCLA.
Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:

Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:
Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.

Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.
New Publicly Verifiable Databases with Efficient Updates

New Publicly Verifiable Databases with Efficient Updates
The Complexity of Zero-Knowledge Proofs Salil Vadhan Harvard University.

The Complexity of Zero-Knowledge Proofs Salil Vadhan Harvard University.
Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.

Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.
11 Provable Security. 22 Given a ciphertext, find the corresponding plaintext.

11 Provable Security. 22 Given a ciphertext, find the corresponding plaintext.
Computational Security. Overview Goal: Obtain computational security against an active adversary. Hope: under a reasonable cryptographic assumption, obtain.

Computational Security. Overview Goal: Obtain computational security against an active adversary. Hope: under a reasonable cryptographic assumption, obtain.
Cryptography and Network Security CSL 759 Shweta Agrawal.

Cryptography and Network Security CSL 759 Shweta Agrawal.
Proving Segment Relationships Postulate 2.8 - The Ruler Postulate The points on any line or line segment can be paired with real numbers so that, given.

Proving Segment Relationships Postulate The Ruler Postulate The points on any line or line segment can be paired with real numbers so that, given.
Nir Bitansky and Omer Paneth. Interactive Proofs.

Nir Bitansky and Omer Paneth. Interactive Proofs.
3.3 Parallel and Perpendicular Lines To Relate Parallel and Perpendicular Lines.

3.3 Parallel and Perpendicular Lines To Relate Parallel and Perpendicular Lines.
Jens Groth BRICS, University of Aarhus Cryptomathic

Jens Groth BRICS, University of Aarhus Cryptomathic
Authentication in Mobile Ad-hoc Network (MANET) Student Ståle Jonny Berget Superviser Chik How Tan.

Authentication in Mobile Ad-hoc Network (MANET) Student Ståle Jonny Berget Superviser Chik How Tan.
CS 395T Computational Soundness of Formal Models.

CS 395T Computational Soundness of Formal Models.
Impossibility Results for Concurrent Two-Party Computation Yehuda Lindell IBM T.J.Watson.

Impossibility Results for Concurrent Two-Party Computation Yehuda Lindell IBM T.J.Watson.
CS426Fall 2010/Lecture 351 Computer Security CS 426 Lecture 35 Commitment & Zero Knowledge Proofs.

CS426Fall 2010/Lecture 351 Computer Security CS 426 Lecture 35 Commitment & Zero Knowledge Proofs.
Oblivious Transfer based on the McEliece Assumptions

Oblivious Transfer based on the McEliece Assumptions

Similar presentations

Ads by Google