DOI: 10.1145/3460120.3484806
Research article (open access), CCS conference proceedings

A PKI-based Framework for Establishing Efficient MPC Channels

Published: 13 November 2021

Abstract

The Transport Layer Security (TLS) protocol is a fundamental building block for ensuring security on the Internet. It provides an easy-to-use framework for establishing an authenticated and secure channel between two parties that have never physically met. Nevertheless, TLS only provides a simple cryptographic functionality compared to more advanced protocols such as protocols for secure multiparty computation (MPC).
In this work, we provide a framework for efficiently establishing channels for MPC over the Internet. We focus on MPC protocols in the oblivious transfer (OT) hybrid model, so that establishing OT correlations is sufficient for such a channel. We revisit and combine different notions of UC security proposed in both the MPC and authenticated key exchange settings. Through this work, we show how an OT protocol can be composed with a secure authenticator to ensure the authenticity of messages sent during the OT.
In addition, we adapt and analyse non-interactive OTs based on dense key encapsulation mechanisms (KEMs) in the random oracle model, where the first message, i.e. the public key, can be reused. These KEMs can be instantiated based on CDH, RSA and LWE, and after a performance and security evaluation it turns out that the resulting OT protocols are very competitive with the state of the art and are able to leverage existing PKIs.

Supplementary Material

MP4 File (CCS21-fp532.mp4)
The long version of the talk on "A PKI-based Framework for Establishing Efficient MPC Channels". In the talk, we give a high-level overview of previous works and the contribution in the paper "A PKI-based Framework for Establishing Efficient MPC Channels".


Cited By

  • (2024) A wide-area multi-factor identity authentication scheme based on PKI. Workshop on Electronics Communication Engineering (WECE 2023), DOI 10.1117/12.3015400 (5). Online publication date: 16 Jan 2024.
  • (2023) PAPR: Publicly Auditable Privacy Revocation for Anonymous Credentials. Topics in Cryptology – CT-RSA 2023, DOI 10.1007/978-3-031-30872-7_7, pages 163-190. Online publication date: 24 Apr 2023.
  • (2022) Efficient and Tight Oblivious Transfer from PKE with Tight Multi-user Security. Applied Cryptography and Network Security, DOI 10.1007/978-3-031-09234-3_31, pages 626-642. Online publication date: 20 Jun 2022.


Published In

CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
November 2021, 3558 pages
ISBN: 9781450384544
DOI: 10.1145/3460120
This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. authentication
  2. mpc
  3. oblivious transfer
  4. pki
  5. uc

Qualifiers

  • Research-article

Conference

CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security
November 15 - 19, 2021
Virtual Event, Republic of Korea

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
