Canetti: “Universally Composable Security: A New Paradigm for Cryptographic Protocols"

18.04.2018, 10:00 – 11.30

18.04.2018 10:00-11:30

Speaker: Julia Hesse, TU Darmstadt | Location: Mornewegstraße 32 (S4|14), Room 5.3.01, Darmstadt

Organizer: Felix Günther and Christian Janson, TU Darmstadt


This talk is the first edition in the seminar series „Reading the Crypto Classics“ for the summer term '18. The idea of this seminar is to jointly read classical milestone papers in the area of cryptography, to discuss their impact and understand their relevance for current research areas. The seminar is running as an Oberseminar, but at the same time meant to be a joint reading group seminar of the CROSSING Special Interest Group on Advanced Cryptography with all interested CROSSING members being invited to participate.

This issue will cover the paper Canetti: “Universally Composable Security: A New Paradigm for Cryptographic Protocols„ with the following abstract:

“We propose a novel paradigm for defining security of cryptographic protocols, called universally composable security. The salient property of universally composable definitions of security is that they guarantee security even when a secure protocol is composed of an arbitrary set of protocols, or more generally when the protocol is used as a component of an arbitrary system. This is an essential property for maintaining security of cryptographic protocols in complex and unpredictable environments such as the Internet. In particular, universally composable definitions guarantee security even when an unbounded number of protocol instances are executed concurrently in an adversarially controlled manner, they guarantee non-malleability with respect to arbitrary protocols, and more. We show how to formulate universally composable definitions of security for practically any cryptographic task. Furthermore, we demonstrate that practically any such definition can be realized using known techniques, as long as only a minority of the participants are corrupted. We then proceed to formulate universally composable definitions of a wide array of cryptographic tasks, including authenticated and secure communication, key-exchange, public-key encryption, signature, commitment, oblivious transfer, zero knowledge and more. We also make initial steps towards studying the realizability of the proposed definitions in various settings."

More information (login required):