GNUC: A New Universal Composability Framework

Dennis Hofheinz, Victor Shoup

Research output: Contribution to journalArticlepeer-review


We put forward a framework for the modular design and analysis of multi-party protocols. Our framework is called “GNUC” (with the recursive meaning “GNUC’s Not UC”), already alluding to the similarity to Canetti’s Universal Composability (UC) framework. In particular, like UC, we offer a universal composition theorem, as well as a theorem for composing protocols with joint state. We deviate from UC in several important aspects. Specifically, we have a rather different view than UC on the structuring of protocols, on the notion of polynomial-time protocols and attacks, and on corruptions. We will motivate our definitional choices by explaining why the definitions in the UC framework are problematic, and how we overcome these problems. Our goal is to offer a framework that is largely compatible with UC, such that previous results formulated in UC carry over to GNUC with minimal changes. We exemplify this by giving explicit formulations for several important protocol tasks, including authenticated and secure communication, as well as commitment and secure function evaluation.

Original languageEnglish (US)
Pages (from-to)423-508
Number of pages86
JournalJournal of Cryptology
Issue number3
StatePublished - Jul 12 2015


  • Composition
  • Protocols
  • Universal composability

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Applied Mathematics


Dive into the research topics of 'GNUC: A New Universal Composability Framework'. Together they form a unique fingerprint.

Cite this