Sciweavers

CCS
2015
ACM

The Limits of Composable Crypto with Transferable Setup Devices

7 years 11 months ago
The Limits of Composable Crypto with Transferable Setup Devices
UC security realized with setup devices imposes that single instances of these setups are used. In most cases, UC-realization relies further on other properties of the setups devices, like tamperresistance. But what happens in stronger versions of the UC framework, like EUC or JUC, where multiple instances of these setups are allowed? Can we formalise what it is about setups like these which makes them sometimes hinder UC, JUC, EUC realizability? In this paper, we answer this question. As such, we formally introduce transferable setups, which can be viewed as setup devices that do not (publicly) disclose if they have been maliciously passed on. Further, we prove the general result that one cannot realize oblivious transfer (OT) or any “interesting” 2-party protocol using transferable setups in the EUC model. As a by-product, we show that physically unclonable functions (PUFs) themselves are transferable devices, which means that one cannot use PUFs as a global setups; this is inte...
Ioana Boureanu, Miyako Ohkubo, Serge Vaudenay
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors Ioana Boureanu, Miyako Ohkubo, Serge Vaudenay
Comments (0)