Unconditional and Composable Security Using a Single Stateful Tamper-Proof Hardware Token

Döttling, Nico; Kraschewski, Daniel; Müller-Quade, Jörn

doi:10.1007/978-3-642-19571-6_11

Cited by 39 publications

(58 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A consequence of this model is that the security of a player now depends only on its own token being good and holds even if tokens used by other players are not genuine! This new setup assumptions has gained a lot of interest and several works after [27] have shown that unconditional UC-security is possible [32,25], even using a single stateful token [22,23]. Note that a stateful token, in contrast with a stateless token, requires an updatable memory that can be subject to reset attacks.…”

mentioning

confidence: 99%

Unconditionally Secure and Universally Composable Commitments from Physical Assumptions

Damgård

Scafuro²

2013

Advances in Cryptology - ASIACRYPT 2013

View full text Add to dashboard Cite

We present a constant-round unconditional black-box compiler that transforms any ideal (i.e., statistically-hiding and statistically-binding) straight-line extractable commitment scheme, into an extractable and equivocal commitment scheme, therefore yielding to UC-security [9]. We exemplify the usefulness of our compiler by providing two (constant-round) instantiations of ideal straight-line extractable commitment based on (malicious) PUFs [37] and stateless tamper-proof hardware tokens [27], therefore achieving the rst unconditionally UC-secure commitment with malicious PUFs and stateless tokens, respectively. Our constructions are secure for adversaries creating arbitrarily malicious stateful PUFs/tokens.Previous results with malicious PUFs used either computational assumptions to achieve UCsecure commitments or were unconditionally secure but only in the indistinguishability sense [37]. Similarly, with stateless tokens, UC-secure commitments are known only under computational assumptions [13,25,15], while the (not UC) unconditional commitment scheme of [24] is secure only in a weaker model in which the adversary is not allowed to create stateful tokens.Besides allowing us to prove feasibility of unconditional UC-security with (malicious) PUFs and stateless tokens, our compiler can be instantiated with any ideal straight-line extractable commitment scheme, thus allowing the use of various setup assumptions which may better t the application or the technology available.

show abstract

mentioning

confidence: 99%

Unconditionally Secure and Universally Composable Commitments from Physical Assumptions

Damgård

Scafuro²

2013

Advances in Cryptology - ASIACRYPT 2013

View full text Add to dashboard Cite

show abstract

“…Our protocols are thus optimal in this regard. Note that a single stateful token suffices for universally composable OT [20]; our result thus demonstrates a separation between stateful and stateless tokens.…”

Section: Introductionmentioning

confidence: 54%

“…Goyal et al [29] show an unconditional construction of oblivious transfer (and hence general secure computation) using Θ(λ) stateful tokens. Döttling et al [20] show how to construct unconditionally secure OT using only a single stateful token. Goyal et al [28] showed that unconditional security from stateless tokens is impossible unless the token model is extended to allow Table 1: Universally composable OT based on stateless tamper-proof hardware tokens.…”

Section: Prior Workmentioning

confidence: 99%

“…Our starting point is the unconditionally secure OT protocol from [20], which uses a single stateful token. We sketch a simplified version of their protocol for the case of a single OT carried out between the sender S with input (x 0 , x 1 ) ∈ {0, 1} λ × {0, 1} λ and the receiver R with input b ∈ {0, 1}.…”

Section: Intuition and Backgroundmentioning

confidence: 99%

“…In addition to introducing the model, Katz showed that tamper-proof hardware tokens can be used for universally composable computation of arbitrary functions under additional cryptographic assumptions. His work motivated an extensive amount of follow-up work [13,47,26,16,28,29,20] that we discuss in detail later.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

(Efficient) Universally Composable Oblivious Transfer Using a Minimal Number of Stateless Tokens

et al. 2018

View full text Add to dashboard Cite

We continue the line of work initiated by Katz (Eurocrypt 2007) on using tamper-proof hardware tokens for universally composable secure computation. As our main result, we show an oblivious-transfer (OT) protocol in which two parties each create and transfer a single, stateless token and can then run an unbounded number of OTs. We also show a more efficient protocol, based only on standard symmetric-key primitives (block ciphers and collision-resistant hash functions), that can be used if a bounded number of OTs suffice.Motivated by this result, we investigate the number of stateless tokens needed for universally composable OT. We prove that our protocol is optimal in this regard for constructions making black-box use of the tokens (in a sense we define). We also show that nonblack-box techniques can be used to obtain a construction using only a single stateless token.

show abstract

Non-interactive Secure Computation from One-Way Functions

Badrinarayanan

Jain

Ostrovsky

et al. 2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Unconditional and Composable Security Using a Single Stateful Tamper-Proof Hardware Token

Cited by 39 publications

References 23 publications

Unconditionally Secure and Universally Composable Commitments from Physical Assumptions

Unconditionally Secure and Universally Composable Commitments from Physical Assumptions

(Efficient) Universally Composable Oblivious Transfer Using a Minimal Number of Stateless Tokens

Non-interactive Secure Computation from One-Way Functions

Contact Info

Product

Resources

About