Speaker: Ran Canetti
12pm, TAU (Schreiber 210)
We construct general secure computation protocols that:
(a) assume only the existence of enhanced trapdoor permutations
(b) trust no infrastructure other than authenticated communication
(c) satisfy a meaningful notion of security that's preserved under universal composition.
The notion of security fits within a generalization of the angel-based framework of Prabhakaran and Sahai (STOC04) and implies super-polynomial time simulation security. Security notions of this kind are currently known to be realizable only under strong and specific hardness assumptions.
A key element in our construction is a commitment scheme that satisfies a new and strong notion of security. The notion, security against chosen-commitment-attacks (CCA security), means that security holds even if the attacker has access to an extraction oracle that gives the adversary decommitment information to commitments of the adversary's choice. This notion is stronger than concurrent non-malleability and may be of independent interest. We construct CCA-secure commitments based on one-way functions and with no trusted set-up.
This is joint work with Huijia Rachel Lin and Rafael Pass.