The assumption of the availability of tamper-proof hardware tokens has been used extensively in t... more The assumption of the availability of tamper-proof hardware tokens has been used extensively in the design of cryptographic primitives. For example, Katz (Eurocrypt 2007) suggests them as an alternative to other setup assumptions, towards achieving general UC-secure multi-party computation. On the other hand, a lot of recent research has focused on protecting security of various cryptographic primitives against physical attacks such as leakage and tampering. In this paper we put forward the notion of Built-in Tamper Resilience (BiTR) for cryptographic protocols, capturing the idea that the protocol that is encapsulated in a hardware token is designed in such a way so that tampering gives no advantage to an adversary. Our definition is within the UC model, and can be viewed as unifying and extending several prior related works. We provide a composition theorem for BiTR security of protocols, impossibility results, as well as several BiTR constructions for specific cryptographic protocols or tampering function classes. In particular we achieve general UC-secure computation based on a hardware token that may be susceptible to affine tampering attacks. We also present BiTR proofs for identification and signature schemes in the same tampering model. We next observe that non-malleable codes are sufficient (but not necessary) as state encodings to imply the BiTR property and we show new positive results for deterministic non-malleable encodings (as opposed to probabilistic that were previously known) for various classes of tampering functions.
We present a compiler for transforming an oblivious transfer (OT) protocol secure against an adap... more We present a compiler for transforming an oblivious transfer (OT) protocol secure against an adaptive semi-honest adversary into one that is secure against an adaptive malicious adversary. Our compiler achieves security in the universal composability framework, assuming access to an ideal commitment functionality, and improves over previous work achieving the same security guarantee in two ways: it uses black-box access to the underlying protocol and achieves a constant multiplicative overhead in the round complexity. As a corollary, we obtain the first constructions of adaptively secure protocols in the stand-alone model using black-box access to a low-level primitive.
The assumption of the availability of tamper-proof hardware tokens has been used extensively in t... more The assumption of the availability of tamper-proof hardware tokens has been used extensively in the design of cryptographic primitives. For example, Katz (Eurocrypt 2007) suggests them as an alternative to other setup assumptions, towards achieving general UC-secure multi-party computation. On the other hand, a lot of recent research has focused on protecting security of various cryptographic primitives against physical attacks such as leakage and tampering. In this paper we put forward the notion of Built-in Tamper Resilience (BiTR) for cryptographic protocols, capturing the idea that the protocol that is encapsulated in a hardware token is designed in such a way so that tampering gives no advantage to an adversary. Our definition is within the UC model, and can be viewed as unifying and extending several prior related works. We provide a composition theorem for BiTR security of protocols, impossibility results, as well as several BiTR constructions for specific cryptographic protocols or tampering function classes. In particular we achieve general UC-secure computation based on a hardware token that may be susceptible to affine tampering attacks. We also present BiTR proofs for identification and signature schemes in the same tampering model. We next observe that non-malleable codes are sufficient (but not necessary) as state encodings to imply the BiTR property and we show new positive results for deterministic non-malleable encodings (as opposed to probabilistic that were previously known) for various classes of tampering functions.
We present a compiler for transforming an oblivious transfer (OT) protocol secure against an adap... more We present a compiler for transforming an oblivious transfer (OT) protocol secure against an adaptive semi-honest adversary into one that is secure against an adaptive malicious adversary. Our compiler achieves security in the universal composability framework, assuming access to an ideal commitment functionality, and improves over previous work achieving the same security guarantee in two ways: it uses black-box access to the underlying protocol and achieves a constant multiplicative overhead in the round complexity. As a corollary, we obtain the first constructions of adaptively secure protocols in the stand-alone model using black-box access to a low-level primitive.
Uploads
Papers by Seung Choi