Ontology type: schema:Chapter
2020-08-10
AUTHORS Daniel Jost, Ueli Maurer

ABSTRACT
Composable security definitions, at times called simulation-based definitions, provide strong security guarantees that hold in any context. However, they are also met with some skepticism due to many impossibility results; goals such as commitments and zero-knowledge that are achievable in a stand-alone sense were shown to be unachievable composably (without a setup) since provably no efficient simulator exists. In particular, in the context of adaptive security, the so-called “simulator commitment problem” arises: once a party gets corrupted, an efficient simulator is unable to be consistent with its pre-corruption outputs. A natural question is whether such impossibility results are unavoidable or only artifacts of frameworks being too restrictive.

In this work, we propose a novel type of composable security statement that evades the commitment problem. Our new type is able to express the composable guarantees of schemes that previously did not have a clear composable understanding. To this end, we leverage the concept of system specifications in the Constructive Cryptography framework, capturing the conjunction of several interval-wise guarantees, each specifying the guarantees between two events. We develop the required theory and present the corresponding new composition theorem.

We present three applications of our theory. First, we show in the context of symmetric encryption with adaptive corruption how our notion naturally captures the expected confidentiality guarantee—the messages remain confidential until either party gets corrupted—and that it can be achieved by any standard semantically secure scheme (negating the need for non-committing encryption). Second, we present a composable formalization of (so far only known to be standalone secure) commitment protocols, which is instantiable without a trusted setup like a CRS. We show it to be sufficient for being used in coin tossing over the telephone, one of the early intuitive applications of commitments. Third, we reexamine a result by Hofheinz, Matt, and Maurer [Asiacrypt’15] implying that IND-ID-CPA security is not the right notion for identity-based encryption, unmasking this claim as an unnecessary framework artifact.
PAGES 33-62
Advances in Cryptology – CRYPTO 2020
ISBN
978-3-030-56783-5
978-3-030-56784-2
http://scigraph.springernature.com/pub.10.1007/978-3-030-56784-2_2
DOI http://dx.doi.org/10.1007/978-3-030-56784-2_2
DIMENSIONS https://app.dimensions.ai/details/publication/pub.1130046296
JSON-LD is the canonical representation for SciGraph data.
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Data Format",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland",
"id": "http://www.grid.ac/institutes/grid.5801.c",
"name": [
"Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland"
],
"type": "Organization"
},
"familyName": "Jost",
"givenName": "Daniel",
"id": "sg:person.013356446515.02",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013356446515.02"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland",
"id": "http://www.grid.ac/institutes/grid.5801.c",
"name": [
"Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland"
],
"type": "Organization"
},
"familyName": "Maurer",
"givenName": "Ueli",
"id": "sg:person.01316567627.91",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91"
],
"type": "Person"
}
],
"datePublished": "2020-08-10",
"datePublishedReg": "2020-08-10",
"description": "Composable security definitions, at times called simulation-based definitions, provide strong security guarantees that hold in any context. However, they are also met with some skepticism due to many impossibility results; goals such as commitments and zero-knowledge that are achievable in a stand-alone sense were shown to be unachievable composably (without a setup) since provably no efficient simulator exists. In particular, in the context of adaptive security, the so-called \u201csimulator commitment problem\u201d arises: once a party gets corrupted, an efficient simulator is unable to be consistent with its pre-corruption outputs. A natural question is whether such impossibility results are unavoidable or only artifacts of frameworks being too restrictive.In this work, we propose a novel type of composable security statement that evades the commitment problem. Our new type is able to express the composable guarantees of schemes that previously did not have a clear composable understanding. To this end, we leverage the concept of system specifications in the Constructive Cryptography framework, capturing the conjunction of several interval-wise guarantees, each specifying the guarantees between two events. We develop the required theory and present the corresponding new composition theorem.We present three applications of our theory. First, we show in the context of symmetric encryption with adaptive corruption how our notion naturally captures the expected confidentiality guarantee\u2014the messages remain confidential until either party gets corrupted\u2014and that it can be achieved by any standard semantically secure scheme (negating the need for non-committing encryption). Second, we present a composable formalization of (so far only known to be standalone secure) commitment protocols, which is instantiable without a trusted setup like a CRS. We show it to be sufficient for being used in coin tossing over the telephone, one of the early intuitive applications of commitments. Third, we reexamine a result by Hofheinz, Matt, and Maurer [Asiacrypt\u201915] implying that IND-ID-CPA security is not the right notion for identity-based encryption, unmasking this claim as an unnecessary framework artifact.",
"editor": [
{
"familyName": "Micciancio",
"givenName": "Daniele",
"type": "Person"
},
{
"familyName": "Ristenpart",
"givenName": "Thomas",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/978-3-030-56784-2_2",
"inLanguage": "en",
"isAccessibleForFree": false,
"isPartOf": {
"isbn": [
"978-3-030-56783-5",
"978-3-030-56784-2"
],
"name": "Advances in Cryptology \u2013 CRYPTO 2020",
"type": "Book"
},
"keywords": [
"efficient simulator",
"constructive cryptography framework",
"strong security guarantees",
"identity-based encryption",
"simulation-based definition",
"composable security definition",
"such impossibility results",
"impossibility results",
"symmetric encryption",
"secure scheme",
"CPA security",
"security definitions",
"security guarantees",
"adaptive security",
"zero-knowledge",
"IND-ID",
"adaptive corruptions",
"composable security",
"system specification",
"security statements",
"intuitive application",
"commitment protocol",
"composition theorem",
"encryption",
"guarantees",
"security",
"commitment problem",
"simulator",
"required theory",
"natural question",
"scheme",
"framework",
"confidentiality",
"right notion",
"artifacts",
"Hofheinz",
"formalization",
"applications",
"new composition theorem",
"messages",
"specification",
"context",
"parties",
"new type",
"protocol",
"definition",
"Maurer",
"only artifacts",
"notion",
"goal",
"concept",
"setup",
"output",
"results",
"work",
"coins",
"time",
"corruption",
"end",
"types",
"telephone",
"theory",
"sense",
"novel type",
"impossibility",
"statements",
"conjunction",
"questions",
"theorem",
"Matt",
"events",
"understanding",
"commitment",
"claims",
"CRS",
"skepticism",
"problem"
],
"name": "Overcoming Impossibility Results in Composable Security Using Interval-Wise Guarantees",
"pagination": "33-62",
"productId": [
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1130046296"
]
},
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/978-3-030-56784-2_2"
]
}
],
"publisher": {
"name": "Springer Nature",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/978-3-030-56784-2_2",
"https://app.dimensions.ai/details/publication/pub.1130046296"
],
"sdDataset": "chapters",
"sdDatePublished": "2022-05-20T07:41",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_0.jsonl",
"type": "Chapter",
"url": "https://doi.org/10.1007/978-3-030-56784-2_2"
}
]
Download the RDF metadata as JSON-LD, N-Triples, Turtle or RDF/XML:
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-56784-2_2'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-56784-2_2'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-56784-2_2'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-56784-2_2'
This table displays all metadata directly associated with this object as RDF triples.
149 TRIPLES
23 PREDICATES
102 URIs
95 LITERALS
7 BLANK NODES
# | Subject | Predicate | Object |
---|---|---|---|
1 | sg:pub.10.1007/978-3-030-56784-2_2 | schema:about | anzsrc-for:08 |
2 | ″ | ″ | anzsrc-for:0804 |
3 | ″ | schema:author | N9d8204a386b64bf0aa2193fcd98f6408 |
4 | ″ | schema:datePublished | 2020-08-10 |
5 | ″ | schema:datePublishedReg | 2020-08-10 |
6 | ″ | schema:description | Composable security definitions, at times called simulation-based definitions, provide strong security guarantees that hold in any context. However, they are also met with some skepticism due to many impossibility results; goals such as commitments and zero-knowledge that are achievable in a stand-alone sense were shown to be unachievable composably (without a setup) since provably no efficient simulator exists. In particular, in the context of adaptive security, the so-called “simulator commitment problem” arises: once a party gets corrupted, an efficient simulator is unable to be consistent with its pre-corruption outputs. A natural question is whether such impossibility results are unavoidable or only artifacts of frameworks being too restrictive.In this work, we propose a novel type of composable security statement that evades the commitment problem. Our new type is able to express the composable guarantees of schemes that previously did not have a clear composable understanding. To this end, we leverage the concept of system specifications in the Constructive Cryptography framework, capturing the conjunction of several interval-wise guarantees, each specifying the guarantees between two events. We develop the required theory and present the corresponding new composition theorem.We present three applications of our theory. First, we show in the context of symmetric encryption with adaptive corruption how our notion naturally captures the expected confidentiality guarantee—the messages remain confidential until either party gets corrupted—and that it can be achieved by any standard semantically secure scheme (negating the need for non-committing encryption). Second, we present a composable formalization of (so far only known to be standalone secure) commitment protocols, which is instantiable without a trusted setup like a CRS. We show it to be sufficient for being used in coin tossing over the telephone, one of the early intuitive applications of commitments. Third, we reexamine a result by Hofheinz, Matt, and Maurer [Asiacrypt’15] implying that IND-ID-CPA security is not the right notion for identity-based encryption, unmasking this claim as an unnecessary framework artifact. |
7 | ″ | schema:editor | N0c37833747d1448c955bdb8015081a6a |
8 | ″ | schema:genre | chapter |
9 | ″ | schema:inLanguage | en |
10 | ″ | schema:isAccessibleForFree | false |
11 | ″ | schema:isPartOf | Nca7fc6f54c054bc1a9f21a04d9e86318 |
12 | ″ | schema:keywords | CPA security |
13 | ″ | ″ | CRS |
14 | ″ | ″ | Hofheinz |
15 | ″ | ″ | IND-ID |
16 | ″ | ″ | Matt |
17 | ″ | ″ | Maurer |
18 | ″ | ″ | adaptive corruptions |
19 | ″ | ″ | adaptive security |
20 | ″ | ″ | applications |
21 | ″ | ″ | artifacts |
22 | ″ | ″ | claims |
23 | ″ | ″ | coins |
24 | ″ | ″ | commitment |
25 | ″ | ″ | commitment problem |
26 | ″ | ″ | commitment protocol |
27 | ″ | ″ | composable security |
28 | ″ | ″ | composable security definition |
29 | ″ | ″ | composition theorem |
30 | ″ | ″ | concept |
31 | ″ | ″ | confidentiality |
32 | ″ | ″ | conjunction |
33 | ″ | ″ | constructive cryptography framework |
34 | ″ | ″ | context |
35 | ″ | ″ | corruption |
36 | ″ | ″ | definition |
37 | ″ | ″ | efficient simulator |
38 | ″ | ″ | encryption |
39 | ″ | ″ | end |
40 | ″ | ″ | events |
41 | ″ | ″ | formalization |
42 | ″ | ″ | framework |
43 | ″ | ″ | goal |
44 | ″ | ″ | guarantees |
45 | ″ | ″ | identity-based encryption |
46 | ″ | ″ | impossibility |
47 | ″ | ″ | impossibility results |
48 | ″ | ″ | intuitive application |
49 | ″ | ″ | messages |
50 | ″ | ″ | natural question |
51 | ″ | ″ | new composition theorem |
52 | ″ | ″ | new type |
53 | ″ | ″ | notion |
54 | ″ | ″ | novel type |
55 | ″ | ″ | only artifacts |
56 | ″ | ″ | output |
57 | ″ | ″ | parties |
58 | ″ | ″ | problem |
59 | ″ | ″ | protocol |
60 | ″ | ″ | questions |
61 | ″ | ″ | required theory |
62 | ″ | ″ | results |
63 | ″ | ″ | right notion |
64 | ″ | ″ | scheme |
65 | ″ | ″ | secure scheme |
66 | ″ | ″ | security |
67 | ″ | ″ | security definitions |
68 | ″ | ″ | security guarantees |
69 | ″ | ″ | security statements |
70 | ″ | ″ | sense |
71 | ″ | ″ | setup |
72 | ″ | ″ | simulation-based definition |
73 | ″ | ″ | simulator |
74 | ″ | ″ | skepticism |
75 | ″ | ″ | specification |
76 | ″ | ″ | statements |
77 | ″ | ″ | strong security guarantees |
78 | ″ | ″ | such impossibility results |
79 | ″ | ″ | symmetric encryption |
80 | ″ | ″ | system specification |
81 | ″ | ″ | telephone |
82 | ″ | ″ | theorem |
83 | ″ | ″ | theory |
84 | ″ | ″ | time |
85 | ″ | ″ | types |
86 | ″ | ″ | understanding |
87 | ″ | ″ | work |
88 | ″ | ″ | zero-knowledge |
89 | ″ | schema:name | Overcoming Impossibility Results in Composable Security Using Interval-Wise Guarantees |
90 | ″ | schema:pagination | 33-62 |
91 | ″ | schema:productId | N5afa73f7a54242fe8ce9d22dec5c3554 |
92 | ″ | ″ | N894bbbdb456445fe8f955ed5d0689e26 |
93 | ″ | schema:publisher | N224f2b6c42d8424cbe1cd1b30fd9dc3e |
94 | ″ | schema:sameAs | https://app.dimensions.ai/details/publication/pub.1130046296 |
95 | ″ | ″ | https://doi.org/10.1007/978-3-030-56784-2_2 |
96 | ″ | schema:sdDatePublished | 2022-05-20T07:41 |
97 | ″ | schema:sdLicense | https://scigraph.springernature.com/explorer/license/ |
98 | ″ | schema:sdPublisher | Nc755b7ae470d4913a71ea396673b8cd5 |
99 | ″ | schema:url | https://doi.org/10.1007/978-3-030-56784-2_2 |
100 | ″ | sgo:license | sg:explorer/license/ |
101 | ″ | sgo:sdDataset | chapters |
102 | ″ | rdf:type | schema:Chapter |
103 | N0c37833747d1448c955bdb8015081a6a | rdf:first | N8207559767c94faf98400a7478d1ff86 |
104 | ″ | rdf:rest | N497ea828ffab421cbe53b197bb08e2e7 |
105 | N224f2b6c42d8424cbe1cd1b30fd9dc3e | schema:name | Springer Nature |
106 | ″ | rdf:type | schema:Organisation |
107 | N497ea828ffab421cbe53b197bb08e2e7 | rdf:first | Nf66ac97a0da34861b061cda87e4f1cf0 |
108 | ″ | rdf:rest | rdf:nil |
109 | N5afa73f7a54242fe8ce9d22dec5c3554 | schema:name | doi |
110 | ″ | schema:value | 10.1007/978-3-030-56784-2_2 |
111 | ″ | rdf:type | schema:PropertyValue |
112 | N8207559767c94faf98400a7478d1ff86 | schema:familyName | Micciancio |
113 | ″ | schema:givenName | Daniele |
114 | ″ | rdf:type | schema:Person |
115 | N894bbbdb456445fe8f955ed5d0689e26 | schema:name | dimensions_id |
116 | ″ | schema:value | pub.1130046296 |
117 | ″ | rdf:type | schema:PropertyValue |
118 | N8cac17ed19dc471fbe74c8dfba720a8e | rdf:first | sg:person.01316567627.91 |
119 | ″ | rdf:rest | rdf:nil |
120 | N9d8204a386b64bf0aa2193fcd98f6408 | rdf:first | sg:person.013356446515.02 |
121 | ″ | rdf:rest | N8cac17ed19dc471fbe74c8dfba720a8e |
122 | Nc755b7ae470d4913a71ea396673b8cd5 | schema:name | Springer Nature - SN SciGraph project |
123 | ″ | rdf:type | schema:Organization |
124 | Nca7fc6f54c054bc1a9f21a04d9e86318 | schema:isbn | 978-3-030-56783-5 |
125 | ″ | ″ | 978-3-030-56784-2 |
126 | ″ | schema:name | Advances in Cryptology – CRYPTO 2020 |
127 | ″ | rdf:type | schema:Book |
128 | Nf66ac97a0da34861b061cda87e4f1cf0 | schema:familyName | Ristenpart |
129 | ″ | schema:givenName | Thomas |
130 | ″ | rdf:type | schema:Person |
131 | anzsrc-for:08 | schema:inDefinedTermSet | anzsrc-for: |
132 | ″ | schema:name | Information and Computing Sciences |
133 | ″ | rdf:type | schema:DefinedTerm |
134 | anzsrc-for:0804 | schema:inDefinedTermSet | anzsrc-for: |
135 | ″ | schema:name | Data Format |
136 | ″ | rdf:type | schema:DefinedTerm |
137 | sg:person.01316567627.91 | schema:affiliation | grid-institutes:grid.5801.c |
138 | ″ | schema:familyName | Maurer |
139 | ″ | schema:givenName | Ueli |
140 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91 |
141 | ″ | rdf:type | schema:Person |
142 | sg:person.013356446515.02 | schema:affiliation | grid-institutes:grid.5801.c |
143 | ″ | schema:familyName | Jost |
144 | ″ | schema:givenName | Daniel |
145 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013356446515.02 |
146 | ″ | rdf:type | schema:Person |
147 | grid-institutes:grid.5801.c | schema:alternateName | Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland |
148 | ″ | schema:name | Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland |
149 | ″ | rdf:type | schema:Organization |