Paper 2000/067

Universally Composable Security: A New Paradigm for Cryptographic Protocols

Ran Canetti

Abstract

We present a general framework for representing cryptographic protocols and analyzing their security. The framework allows specifying the security requirements of practically any cryptographic task in a unified and systematic way. Furthermore, in this framework the security of protocols is maintained under a general composition operation, called universal composition. The proposed framework with its security-preserving composition property allow for modular design and analysis of complex cryptographic protocols from relatively simple building blocks. Moreover, within this framework, protocols are guaranteed to maintain their security within any context, even in the presence of an unbounded number of arbitrary protocol instances that run concurrently in an adversarially controlled manner. This is a useful guarantee, that allows arguing about the security of cryptographic protocols in complex and unpredictable environments such as modern communication networks.

Note: This is an updated version. While the overall spirit and the structure of the definitions and results in this paper has remained the same, many important details have changed. We point out and motivate the main differences as we go along. We have also listed the main changes in Appendix B. Earlier versions of this work appeared in August 2019, December 2018, June 2013, December and January 2005, and October 2001, under the same title, and in December 2000 under the title "A unified framework for analyzing security of protocols". These earlier versions can be found on this site, and also at the ECCC archive, TR 01-16 (http://eccc.uni-trier.de/eccc-reports/2001/TR01-016); however they are not needed for understanding this work and have only historic significance.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint. MINOR revision.Extended Abstract appeared in proceedings of the 42nd Symposium on Foundations of Computer Science (FOCS), 2001.
Keywords
cryptographic protocolssecurity analysis of protocolsconcurrent composition.
Contact author(s)
canetti @ tau ac il
History
2020-02-12: last of 15 revisions
2000-12-23: received
See all versions
Short URL
https://ia.cr/2000/067
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2000/067,
      author = {Ran Canetti},
      title = {Universally Composable Security: A New Paradigm for Cryptographic Protocols},
      howpublished = {Cryptology ePrint Archive, Paper 2000/067},
      year = {2000},
      note = {\url{https://eprint.iacr.org/2000/067}},
      url = {https://eprint.iacr.org/2000/067}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.