Article

Founding Secure Computation on Blockchains

Authors:

Arka Rai Choudhuri,

Abhishek JainAuthors Info & Claims

Advances in Cryptology – EUROCRYPT 2019: 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19–23, 2019, Proceedings, Part II

Pages 351 - 380

https://doi.org/10.1007/978-3-030-17656-3_13

Published: 19 May 2019 Publication History

Abstract

We study the foundations of secure computation in the blockchain-hybrid model, where a blockchain – modeled as a global functionality – is available as an Oracle to all the participants of a cryptographic protocol. We demonstrate both destructive and constructive applications of blockchains:

•

We show that classical rewinding-based simulation techniques used in many security proofs fail against blockchain-active adversaries that have read and post access to a global blockchain. In particular, we show that zero-knowledge (ZK) proofs with black-box simulation are impossible against blockchain-active adversaries.

•

Nevertheless, we show that achieving security against blockchain-active adversaries is possible if the honest parties are also blockchain active. We construct an -round ZK protocol with black-box simulation. We show that this result is tight by proving the impossibility of constant-round ZK with black-box simulation.

•

Finally, we demonstrate a novel application of blockchains to overcome the known impossibility results for concurrent secure computation in the plain model. We construct a concurrent self-composable secure computation protocol for general functionalities in the blockchain-hybrid model based on standard cryptographic assumptions.

We develop a suite of techniques for constructing secure protocols in the blockchain-hybrid model that we hope will find applications to future research in this area.

References

[1]

Agrawal S, Goyal V, Jain A, Prabhakaran M, and Sahai A Safavi-Naini R and Canetti R New impossibility results for concurrent composition and a non-interactive completeness theorem for secure computation Advances in Cryptology – CRYPTO 2012 2012 Heidelberg Springer 443-460

Digital Library

[2]

Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, L.: Secure multiparty computations on bitcoin. In: 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, 18–21 May, pp. 443–458 (2014)

[3]

Badertscher, C., Gaži, P., Kiayias, A., Russell, A., Zikas, V.: Ouroboros genesis: composable proof-of-stake blockchains with dynamic availability. Cryptology ePrint Archive, Report 2018/378 (2018). https://eprint.iacr.org/2018/378

[4]

Badertscher C, Maurer U, Tschudi D, and Zikas V Katz J and Shacham H Bitcoin as a transaction ledger: a composable treatment Advances in Cryptology – CRYPTO 2017 2017 Cham Springer 324-356

[5]

Badrinarayanan S, Khurana D, Ostrovsky R, and Visconti I Coron J-S and Nielsen JB Unconditional UC-secure computation with (stronger-malicious) PUFs Advances in Cryptology – EUROCRYPT 2017 2017 Cham Springer 382-411

[6]

Barak, B., Canetti, R., Nielsen, J.B., Pass, R.: Universally composable protocols with relaxed set-up assumptions. In: 45th FOCS, 17–19 October, pp. 186–195. IEEE Computer Society Press, Rome (2004)

[7]

Barak, B., Lindell, Y.: Strict polynomial-time in simulation and extraction. In: 34th ACM STOC, 19–21 May, pp. 484–493. ACM Press, Montréal (2002)

[8]

Barak, B., Prabhakaran, M., Sahai, A.: Concurrent non-malleable zero knowledge. In: 47th FOCS, 21–24 October, pp. 345–354. IEEE Computer Society Press, Berkeley (2006)

[9]

Bellare M, Jakobsson M, and Yung M Fumy W Round-optimal zero-knowledge arguments based on any one-way function Advances in Cryptology — EUROCRYPT 1997 1997 Heidelberg Springer 280-305

[10]

Bentov I and Kumaresan R Garay JA and Gennaro R How to use bitcoin to design fair protocols Advances in Cryptology – CRYPTO 2014 2014 Heidelberg Springer 421-439

[11]

Blum, M.: How to prove a theorem so no one else can claim it. In: International Congress of Mathematicians, pp. 1444–1451 (1987)

[12]

Brzuska C, Fischlin M, Schröder H, and Katzenbeisser S Rogaway P Physically uncloneable functions in the universal composition framework Advances in Cryptology – CRYPTO 2011 2011 Heidelberg Springer 51-70

[13]

Canetti R, Kushilevitz E, and Lindell Y On the limitations of universally composable two-party computation without set-up assumptions J. Cryptol. 2006 19 2 135-167

Digital Library

[14]

Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS, 14–17 October, pp. 136–145. IEEE Computer Society Press, Las Vegas (2001)

[15]

Canetti R, Dodis Y, Pass R, and Walfish S Vadhan SP Universally composable security with global setup Theory of Cryptography 2007 Heidelberg Springer 61-85

[16]

Canetti R and Fischlin M Kilian J Universally composable commitments Advances in Cryptology — CRYPTO 2001 2001 Heidelberg Springer 19-40

[17]

Canetti R, Goyal V, and Jain A Gennaro R and Robshaw MJB Concurrent secure computation with optimal query complexity Advances in Cryptology – CRYPTO 2015 2015 Heidelberg Springer 43-62

Digital Library

[18]

Canetti, R., Jain, A., Scafuro, A.: Practical UC security with a global random oracle. In: Ahn, G.J., Yung, M., Li, N. (eds.) ACM CCS 14, 3–7 November, pp. 597–608. ACM Press, Scottsdale (2014)

[19]

Canetti R, Kushilevitz E, and Lindell Y Biham E On the limitations of universally composable two-party computation without set-up assumptions Advances in Cryptology — EUROCRYPT 2003 2003 Heidelberg Springer 68-86

[20]

Canetti, R., Lin, H., Pass, R.: Adaptive hardness and composable security in the plain model from standard assumptions. In: 51st FOCS, 23–26 October, pp. 541–550. IEEE Computer Society Press, Las Vegas (2010)

[21]

Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: 34th ACM STOC, 19–21 May, pp. 494–503. ACM Press, Montréal (2002)

[22]

Chandran N, Goyal V, and Sahai A Smart NP New constructions for UC secure computation using tamper-proof hardware Advances in Cryptology – EUROCRYPT 2008 2008 Heidelberg Springer 545-562

[23]

Choudhuri, A.R., Goyal, V., Jain, A.: Founding secure computation on blockchains. Cryptology ePrint Archive, Report 2019/253 (2019). https://eprint.iacr.org/2019/253

[24]

Choudhuri, A.R., Green, M., Jain, A., Kaptchuk, G., Miers, I.: Fairness in an unfair world: fair multiparty computation from public bulletin boards. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 17, October 31–2 November, pp. 719–728. ACM Press, Dallas (2017)

[25]

Dachman-Soled D, Fleischhacker N, Katz J, Lysyanskaya A, and Schröder D Garay JA and Gennaro R Feasibility and infeasibility of secure computation with malicious PUFs Advances in Cryptology – CRYPTO 2014 2014 Heidelberg Springer 405-420

[26]

Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography (extended abstract). In: 23rd ACM STOC, 6–8 May, pp. 542–552. ACM Press, New Orleans (1991)

[27]

Dwork, C., Naor, M., Sahai, A.: Concurrent zero-knowledge. In: 30th ACM STOC, 23–26 May, pp. 409–418. ACM Press, Dallas (1998)

[28]

Feige, U., Shamir, A.: Witness indistinguishable and witness hiding protocols. In: 22nd ACM STOC, 14–16 May, pp. 416–426. ACM Press, Baltimore (1990)

[29]

Fiat A and Shamir A Odlyzko AM How to prove yourself: practical solutions to identification and signature problems Advances in Cryptology — CRYPTO’ 86 1987 Heidelberg Springer 186-194

[30]

Garay J, Kiayias A, and Leonardos N Oswald E and Fischlin M The bitcoin backbone protocol: analysis and applications Advances in Cryptology - EUROCRYPT 2015 2015 Heidelberg Springer 281-310

[31]

Garay J, Kiayias A, and Leonardos N Katz J and Shacham H The bitcoin backbone protocol with chains of variable difficulty Advances in Cryptology – CRYPTO 2017 2017 Cham Springer 291-323

[32]

Garg S, Kumarasubramanian A, Ostrovsky R, and Visconti I Safavi-Naini R and Canetti R Impossibility results for static input secure computation Advances in Cryptology – CRYPTO 2012 2012 Heidelberg Springer 424-442

Digital Library

[33]

Goldreich O and Krawczyk H On the composition of zero-knowledge proof systems SIAM J. Comput. 1996 25 1 169-192

Digital Library

[34]

Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A. (ed.) 19th ACM STOC, 25–27 May, pp. 218–229. ACM Press, New York City (1987)

[35]

Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems (extended abstract). In: Proceedings of the 17th Annual ACM Symposium on Theory of Computing, 6–8 May 1985, Providence, Rhode Island, USA, pp. 291–304 (1985)

[36]

Goyal R and Goyal V Kalai Y and Reyzin L Overcoming cryptographic impossibility results using blockchains Theory of Cryptography 2017 Cham Springer 529-561

Digital Library

[37]

Goyal, V.: Positive results for concurrently secure computation in the plain model. In: 53rd FOCS, 20–23 October, pp. 41–50. IEEE Computer Society Press, New Brunswick (2012)

[38]

Goyal V, Gupta D, and Jain A Canetti R and Garay JA What information is leaked under concurrent composition? Advances in Cryptology – CRYPTO 2013 2013 Heidelberg Springer 220-238

[39]

Goyal V, Ishai Y, Sahai A, Venkatesan R, and Wadia A Micciancio D Founding cryptography on tamper-proof hardware tokens Theory of Cryptography 2010 Heidelberg Springer 308-326

Digital Library

[40]

Goyal V, Jain A, and Ostrovsky R Rabin T Password-authenticated session-key generation on the internet in the plain model Advances in Cryptology – CRYPTO 2010 2010 Heidelberg Springer 277-294

[41]

Goyal V, Lin H, Pandey O, Pass R, and Sahai A Dodis Y and Nielsen JB Round-efficient concurrently composable secure computation via a robust extraction lemma Theory of Cryptography 2015 Heidelberg Springer 260-289

[42]

Haitner I, Horvitz O, Katz J, Koo C-Y, Morselli R, and Shaltiel R Cramer R Reducing complexity assumptions for statistically-hiding commitment Advances in Cryptology – EUROCRYPT 2005 2005 Heidelberg Springer 58-77

Digital Library

[43]

Hazay C, Polychroniadou A, and Venkitasubramaniam M Hirt M and Smith A Composable security in the tamper-proof hardware model under minimal complexity Theory of Cryptography 2016 Heidelberg Springer 367-399

Digital Library

[44]

Kalai, Y.T., Lindell, Y., Prabhakaran, M.: Concurrent general composition of secure protocols in the timing model. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, 22–24 May, pp. 644–653. ACM Press, Baltimore (2005)

[45]

Katz J Naor M Universally composable multi-party computation using tamper-proof hardware Advances in Cryptology - EUROCRYPT 2007 2007 Heidelberg Springer 115-128

Digital Library

[46]

Kiayias A, Russell A, David B, and Oliynykov R Katz J and Shacham H Ouroboros: a provably secure proof-of-stake blockchain protocol Advances in Cryptology – CRYPTO 2017 2017 Cham Springer 357-388

[47]

Kiayias A, Zhou H-S, and Zikas V Fischlin M and Coron J-S Fair and robust multi-party computation using a global transaction ledger Advances in Cryptology – EUROCRYPT 2016 2016 Heidelberg Springer 705-734

[48]

Kilian, J.: Founding cryptography on oblivious transfer. In: 20th ACM STOC, 2–4 May, pp. 20–31. ACM Press, Chicago (1988)

[49]

Kilian, J., Petrank, E.: Concurrent and resettable zero-knowledge in poly-loalgorithm rounds. In: STOC, pp. 560–569 (2001)

[50]

Lindell, Y.: General composition and universal composability in secure multi-party computation. In: FOCS, pp. 394–403 (2003)

[51]

Lindell Y Naor M Lower bounds for concurrent self composition Theory of Cryptography 2004 Heidelberg Springer 203-222

[52]

Lindell Y Lower bounds and impossibility results for concurrent self composition J. Cryptol. 2008 21 2 200-249

Digital Library

[53]

Micali, S., Pass, R.: Local zero knowledge. In: Proceedings of the 38th Annual ACM Symposium on Theory of Computing, Seattle, WA, USA, 21–23 May 2006, pp. 306–315 (2006).

Digital Library

[54]

Naor M Bit commitment using pseudorandomness J. Cryptol. 1991 4 2 151-158

Digital Library

[55]

Naor M, Ostrovsky R, Venkatesan R, and Yung M Perfect zero-knowledge arguments for NP using any one-way permutation J. Cryptol. 1998 11 2 87-108

Digital Library

[56]

Pass R, Seeman L, and Shelat A Coron J-S and Nielsen JB Analysis of the blockchain protocol in asynchronous networks Advances in Cryptology – EUROCRYPT 2017 2017 Cham Springer 643-673

[57]

Prabhakaran, M., Rosen, A., Sahai, A.: Concurrent zero knowledge with logarithmic round-complexity. In: 43rd FOCS, 16–19 November, pp. 366–375. IEEE Computer Society Press, Vancouver (2002)

[58]

Richardson R and Kilian J Stern J On the concurrent composition of zero-knowledge proofs Advances in Cryptology — EUROCRYPT 1999 1999 Heidelberg Springer 415-431

[59]

Yao, A.C.C.: How to generate and exchange secrets (extended abstract). In: 27th FOCS, 27–29 October, pp. 162–167, IEEE Computer Society Press, Toronto (1986)

Cited By

Komargodski ITamir Y(2023)On Distributed Randomness Generation in BlockchainsCyber Security, Cryptology, and Machine Learning10.1007/978-3-031-34671-2_4(49-64)Online publication date: 29-Jun-2023
https://dl.acm.org/doi/10.1007/978-3-031-34671-2_4
Cordi CFrank MGabert KHelinski CKao RKolesnikov VLadha APattengale N(2022)Auditable, Available and Resilient Private Computation on the Blockchain via MPCCyber Security, Cryptology, and Machine Learning10.1007/978-3-031-07689-3_22(281-299)Online publication date: 30-Jun-2022
https://dl.acm.org/doi/10.1007/978-3-031-07689-3_22
Green MKaptchuk GVan Laer G(2021)Abuse Resistant Law Enforcement Access SystemsAdvances in Cryptology – EUROCRYPT 202110.1007/978-3-030-77883-5_19(553-583)Online publication date: 17-Oct-2021
https://dl.acm.org/doi/10.1007/978-3-030-77883-5_19
Show More Cited By

Recommendations

Efficient Fair Secure Two-Party Computation
APSCC '12: Proceedings of the 2012 IEEE Asia-Pacific Services Computing Conference)

Yao first introduced a constant-round protocol for secure two-party computation (2PC) withstanding semi-honest adversaries by using a tool called """"garbled circuit"""". Later, many protocols based on garbled circuit approach have been presented, most ...
Improvements to Secure Computation with Penalties
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Motivated by the impossibility of achieving fairness in secure computation [Cleve, STOC 1986], recent works study a model of fairness in which an adversarial party that aborts on receiving output is forced to pay a mutually predefined monetary penalty ...
Optimistic Fair Secure Computation
CRYPTO '00: Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology

We present an efficient and fair protocol for secure two-party computation in the optimistic model, where a partially trusted third party T is available, but not involved in normal protocol executions. T is needed only if communication is disrupted or ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

Advances in Cryptology – EUROCRYPT 2019: 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19–23, 2019, Proceedings, Part II

May 2019

786 pages

ISBN:978-3-030-17655-6

DOI:10.1007/978-3-030-17656-3

Editors:
Yuval Ishai
Technion, Haifa, Israel
,
Vincent Rijmen
COSIC Group, KU Leuven, Heverlee, Belgium

© International Association for Cryptologic Research 2019.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 19 May 2019

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Komargodski ITamir Y(2023)On Distributed Randomness Generation in BlockchainsCyber Security, Cryptology, and Machine Learning10.1007/978-3-031-34671-2_4(49-64)Online publication date: 29-Jun-2023
https://dl.acm.org/doi/10.1007/978-3-031-34671-2_4
Cordi CFrank MGabert KHelinski CKao RKolesnikov VLadha APattengale N(2022)Auditable, Available and Resilient Private Computation on the Blockchain via MPCCyber Security, Cryptology, and Machine Learning10.1007/978-3-031-07689-3_22(281-299)Online publication date: 30-Jun-2022
https://dl.acm.org/doi/10.1007/978-3-031-07689-3_22
Green MKaptchuk GVan Laer G(2021)Abuse Resistant Law Enforcement Access SystemsAdvances in Cryptology – EUROCRYPT 202110.1007/978-3-030-77883-5_19(553-583)Online publication date: 17-Oct-2021
https://dl.acm.org/doi/10.1007/978-3-030-77883-5_19
Scafuro ASiniscalchi LVisconti I(2021)Publicly Verifiable Zero Knowledge from (Collapsing) BlockchainsPublic-Key Cryptography – PKC 202110.1007/978-3-030-75248-4_17(469-498)Online publication date: 10-May-2021
https://dl.acm.org/doi/10.1007/978-3-030-75248-4_17

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents