...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Journal of Cryptology >Joint State Composition Theorems for Public-Key Encryption and Digital Signature Functionalities with Local Computation
【24h】

Joint State Composition Theorems for Public-Key Encryption and Digital Signature Functionalities with Local Computation

机译:具有本地计算的公共密钥加密和数字签名功能的联合状态构成定理

获取原文
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

In frameworks for universal composability, complex protocols can be built from sub-protocols in a modular way using composition theorems. However, as first pointed out and studied by Canetti and Rabin, this modular approach often leads to impractical implementations. For example, when using a functionality for digital signatures within a more complex protocol, parties have to generate new verification and signing keys for every session of the protocol. This motivates to generalize composition theorems to so-called joint state (composition) theorems, where different copies of a functionality may share some state, e.g., the same verification and signing keys. In this paper, we present a joint state theorem which is more general than the original theorem of Canetti and Rabin, for which several problems and limitations are pointed out. We apply our theorem to obtain joint state realizations for three functionalities: public-key encryption, replayable public-key encryption, and digital signatures. Unlike most other formulations, our functionalities model that ciphertexts and signatures are computed locally, rather than being provided by the adversary. To obtain the joint state realizations, the functionalities have to be designed carefully. Other formulations proposed in the literature are shown to be unsuitable. Our work is based on the IITM model. Our definitions and results demonstrate the expressivity and simplicity of this model. For example, unlike Canetti's UC model, in the IITM model no explicit joint state operator needs to be defined and the joint state theorem follows immediately from the composition theorem in the IITM model.
机译:在通用可组合性的框架中,可以使用构图定理以模块化方式从子协议构建复杂协议。然而,如Canetti和Rabin所指出和研究,这种模块化方法通常会导致不切实际的实现。例如,当在更复杂的协议中使用数字签名的功能时,各方必须为协议的每个会话生成新的验证和签名键。这导致将组合定理概括为所谓的联合状态(组成)定理,其中功能的不同副本可以共享某些状态,例如相同的验证和签名键。在本文中,我们提出了一个比Canetti和Rabin的原始定理更广泛的联合状态定理,指出了几个问题和局限性。我们应用我们的定理以获取三个功能的联合状态实现:公钥加密,可重复的公钥加密和数字签名。与大多数其他配方不同,我们的功能模型将在本地计算密文和签名,而不是由对手提供。为了获得联合国家的实现,必须仔细设计功能。在文献中提出的其他制剂被证明是不合适的。我们的作品基于IITM模型。我们的定义和结果展示了该模型的表现和简单性。例如,与Canetti的UC模型不同,在IITM模型中,不需要定义显式联合状态操作员,并且联合状态定理在IITM模型中立即跟随组合定理。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号