TY - JOUR
T1 - GNUC
T2 - A New Universal Composability Framework
AU - Hofheinz, Dennis
AU - Shoup, Victor
N1 - Funding Information:
V. Shoup was supported by NSF grant CNS-0716690.
Funding Information:
D. Hofheinz was supported by DFG grant GZ HO 4534/2-1.
Publisher Copyright:
© 2013, International Association for Cryptologic Research.
PY - 2015/7/12
Y1 - 2015/7/12
N2 - We put forward a framework for the modular design and analysis of multi-party protocols. Our framework is called “GNUC” (with the recursive meaning “GNUC’s Not UC”), already alluding to the similarity to Canetti’s Universal Composability (UC) framework. In particular, like UC, we offer a universal composition theorem, as well as a theorem for composing protocols with joint state. We deviate from UC in several important aspects. Specifically, we have a rather different view than UC on the structuring of protocols, on the notion of polynomial-time protocols and attacks, and on corruptions. We will motivate our definitional choices by explaining why the definitions in the UC framework are problematic, and how we overcome these problems. Our goal is to offer a framework that is largely compatible with UC, such that previous results formulated in UC carry over to GNUC with minimal changes. We exemplify this by giving explicit formulations for several important protocol tasks, including authenticated and secure communication, as well as commitment and secure function evaluation.
AB - We put forward a framework for the modular design and analysis of multi-party protocols. Our framework is called “GNUC” (with the recursive meaning “GNUC’s Not UC”), already alluding to the similarity to Canetti’s Universal Composability (UC) framework. In particular, like UC, we offer a universal composition theorem, as well as a theorem for composing protocols with joint state. We deviate from UC in several important aspects. Specifically, we have a rather different view than UC on the structuring of protocols, on the notion of polynomial-time protocols and attacks, and on corruptions. We will motivate our definitional choices by explaining why the definitions in the UC framework are problematic, and how we overcome these problems. Our goal is to offer a framework that is largely compatible with UC, such that previous results formulated in UC carry over to GNUC with minimal changes. We exemplify this by giving explicit formulations for several important protocol tasks, including authenticated and secure communication, as well as commitment and secure function evaluation.
KW - Composition
KW - Protocols
KW - Universal composability
UR - http://www.scopus.com/inward/record.url?scp=84930759315&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84930759315&partnerID=8YFLogxK
U2 - 10.1007/s00145-013-9160-y
DO - 10.1007/s00145-013-9160-y
M3 - Article
AN - SCOPUS:84930759315
SN - 0933-2790
VL - 28
SP - 423
EP - 508
JO - Journal of Cryptology
JF - Journal of Cryptology
IS - 3
ER -