Abstract
We introduce the notion of resource-fair protocols. Informally, this property states that if one party learns the output of the protocol, then so can all other parties, as long as they expend roughly the same amount of resources. As opposed to similar previously proposed definitions, our definition follows the standard simulation paradigm and enjoys strong composability properties. In particular, our definition is similar to the security definition in the universal composability (UC) framework, but works in a model that allows any party to request additional resources from the environment to deal with dishonest parties that may prematurely abort.
In this model we specify the ideally fair functionality as allowing parties to “invest resources” in return for outputs, but in such an event offering all other parties a fair deal. (The formulation of fair dealings is kept independent of any particular functionality, by defining it using a “wrapper.”) Thus, by relaxing the notion of fairness, we avoid a well-known impossibility result for fair multi-party computation with a corrupted majority; in particular, our definition admits constructions that tolerate an arbitrary number of corruptions. We also show that, as in the UC framework, protocols in our framework may be arbitrarily and concurrently composed.
Turning to constructions, we define a “commit-prove-fair-open” functionality and design an efficient resource-fair protocol that securely realizes it, using a new variant of a cryptographic primitive known as “time-lines.” With (the fairly wrapped version of) this functionality we show that some of the existing secure multi-party computation protocols can be easily transformed into resource-fair protocols while preserving their security.
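The “time-lines” named above build on the classic Garay–Jakobsson primitive. The following is an added illustration, not code from the paper and not its new variant: a time-line over an RSA modulus N is the sequence g^(2^(2^i)) mod N, which the holder of the trapdoor φ(N) computes cheaply while anyone else must spend 2^i sequential squarings to move from point i to point i+1. The primes, generator and length used are constructed toy values.

```python
# Added example (assumption: classic Garay-Jakobsson time-line, not the
# paper's variant).  A time-line is t_i = g^(2^(2^i)) mod N for i = 0..k.
# Trapdoor holder: every point costs one modular exponentiation.
# Everyone else: t_{i+1} = t_i^(2^(2^i)), i.e. 2^i sequential squarings,
# which is the measurable "resource" a party invests to force an opening.

def timeline_with_trapdoor(g, p, q, k):
    """Fast path: compute all k+1 points using phi(N) = (p-1)(q-1).
    Requires gcd(g, N) = 1 so that exponents may be reduced mod phi(N)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    return [pow(g, pow(2, 2 ** i, phi), n) for i in range(k + 1)]

def advance_by_squaring(t_i, n, i):
    """Slow path: derive point i+1 from point i without the trapdoor.
    Returns (t_{i+1}, number_of_squarings); the count is 2^i."""
    x = t_i
    steps = 2 ** i
    for _ in range(steps):
        x = x * x % n
    return x, steps

def verify_timeline(points, n):
    """Re-derive every point from its predecessor by brute-force squaring.
    Returns (all_consistent, total_squarings).  The total is 2^k - 1 for
    k+1 points: the work a resource-investing party cannot shortcut."""
    total = 0
    for i in range(len(points) - 1):
        nxt, cost = advance_by_squaring(points[i], n, i)
        total += cost
        if nxt != points[i + 1]:
            return False, total
    return True, total

if __name__ == "__main__":
    # Constructed toy parameters; a real instance needs N that is infeasible
    # to factor, since factoring N recovers the trapdoor and all points.
    p, q, g, k = 1009, 1013, 5, 6
    n = p * q
    tl = timeline_with_trapdoor(g, p, q, k)
    ok, work = verify_timeline(tl, n)
    print("points:", tl)
    print("consistent:", ok, "forced squarings:", work)  # 2^6 - 1 = 63
```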
The original version of this chapter was revised: the copyright line was incorrect and has been corrected. The erratum to this chapter is available at DOI: 10.1007/978-3-540-32732-5_32
© 2006 Springer-Verlag Berlin Heidelberg
Garay, J., MacKenzie, P., Prabhakaran, M., Yang, K. (2006). Resource Fairness and Composability of Cryptographic Protocols. In: Halevi, S., Rabin, T. (eds) Theory of Cryptography. TCC 2006. Lecture Notes in Computer Science, vol 3876. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11681878_21
DOI: https://doi.org/10.1007/11681878_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-32731-8
Online ISBN: 978-3-540-32732-5