Universal Composability
   HOME





Universal Composability
The framework of universal composability (UC) is a general-purpose model for the analysis of cryptographic protocols. It guarantees very strong security properties. Protocols remain secure even if arbitrarily composed with other instances of the same or other protocols. Security is defined in the sense of protocol emulation. Intuitively, a protocol is said to emulate another one, if no environment (observer) can distinguish the executions. Literally, the protocol may simulate the other protocol (without having access to the code). The notion of security is derived by implication. Assume a protocol P_1 is secure per definition. If another protocol P_2 emulates protocol P_1 such that no environment tells apart the emulation from the execution of the protocol, then the emulated protocol P_2 is as secure as protocol P_1. Ideal functionality An ideal functionality is a protocol in which a trusted party that can communicate over perfectly secure channels with all protocol participants ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


picture info

Protocol (computing)
A communication protocol is a system of rules that allows two or more entities of a communications system to transmit information via any variation of a physical quantity. The protocol defines the rules, syntax, semantics, and synchronization of communication and possible error recovery methods. Protocols may be implemented by hardware, software, or a combination of both. Communicating systems use well-defined formats for exchanging various messages. Each message has an exact meaning intended to elicit a response from a range of possible responses predetermined for that particular situation. The specified behavior is typically independent of how it is to be implemented. Communication protocols have to be agreed upon by the parties involved. To reach an agreement, a protocol may be developed into a technical standard. A programming language describes the same for computations, so there is a close analogy between protocols and programming languages: ''protocols are to communica ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


Synchronous Communication
Synchronous serial communication describes a serial communication protocol , "In synchronous transmission, groups of bits are combined into frames,and frames are sent continuously with or without data to be transmitted." Synchronous communication requires that the clocks in the transmitting and receiving devices are ''synchronized'' – running at the same rate – so the receiver can sample the signal at the same time intervals used by the transmitter. No start or stop bits are required. For this reason "synchronous communication permits more information to be passed over a circuit per unit time" than asynchronous serial communication. Over time the transmitting and receiving clocks will tend to drift apart, requiring ''resynchronization''. Synchronous RS-232 used additional pins on the DB-25 cable: the DCE (generally the modem or other peripheral) provided two clock signals to the DTE (generally the host computer or terminal), transmitter clock (pin 15, TCK) and rece ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


Burrows–Abadi–Needham Logic
Burrows–Abadi–Needham logic (also known as the BAN logic) is a set of rules for defining and analyzing information exchange protocols. Specifically, BAN logic helps its users determine whether exchanged information is trustworthy, secured against eavesdropping, or both. BAN logic starts with the assumption that all information exchanges happen on media vulnerable to tampering and public monitoring. This has evolved into the popular security mantra, "Don't trust the network." A typical BAN logic sequence includes three steps: # Verification of message origin # Verification of message freshness # Verification of the origin's trustworthiness. BAN logic uses postulates and definitions – like all axiomatic systems – to analyze authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an Logical assertion, assertion, such as the Digital identity, identity of a computer system user. In contrast ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


picture info

Abstraction
Abstraction is a process where general rules and concepts are derived from the use and classifying of specific examples, literal (reality, real or Abstract and concrete, concrete) signifiers, first principles, or other methods. "An abstraction" is the outcome of this process — a concept that acts as a common noun for all subordinate concepts and connects any related concepts as a ''group'', ''field'', or ''category''.Suzanne K. Langer (1953), ''Feeling and Form: A Theory of Art Developed from Philosophy in a New Key'', p. 90: "Sculpture, Sculptural form is a powerful abstraction from actual objects and the three-dimensional space which we construe ... through sensory system, touch and sight." Conceptual abstractions may be made by filtering the information content of a concept or an observable phenomenon, selecting only those aspects which are relevant for a particular purpose. For example, abstracting a leather soccer ball to the more general idea of a ball selects only the in ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


Ran Canetti
Ran Canetti () is a professor of Computer Science at Boston University. and the director of the Check Point Institute for Information Security and of the Center for Reliable Information System and Cyber Security. He is also associate editor of the Journal of Cryptology and Information and Computation. His main areas of research span cryptography and information security, with an emphasis on the design, analysis and use of cryptographic protocols. Biography Born in 1962 in Tel Aviv, Israel, Canetti obtained his BA in computer science in 1989, his BA in physics in 1990, and his M.Sc. in computer science in 1991, all from the Technion, Haifa. He received his PhD in 1995 from the Weizmann Institute, Rehovot under the supervision of Prof. Oded Goldreich. He then completed his post-doctoral training at the Lab of Computer Science, at the Massachusetts Institute of Technology (MIT) in 1996 under the supervision of Prof. Shafi Goldwasser. He then joined IBM’s T.J. Watson Research Cen ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]




Victor Shoup
Victor Shoup is a computer scientist and mathematician. He obtained a PhD in computer science from the University of Wisconsin–Madison in 1989, and he did his undergraduate work at the University of Wisconsin-Eau Claire. He is a professor at the Courant Institute of Mathematical Sciences at New York University, focusing on algorithm and cryptography courses. He is currently a Principal Research Scientist at Offchain Labs and has held positions at AT&T Bell Labs, the University of Toronto, Saarland University, and the IBM Zurich Research Laboratory. Shoup's main research interests and contributions are computer algorithms relating to number theory, algebra, and cryptography. His contributions to these fields include: * The Cramer–Shoup cryptosystem asymmetric encryption algorithm bears his name. * His freely available (under the terms of the GNU GNU General Public License, GPL) C++ library of number theory algorithms, NTL, is widely used and well regarded for its high perfor ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


picture info

Certification Authority
In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard. One particularly common use for certificate authorities is to sign certificates used in HTTPS, the secure browsing protocol for the World Wide Web. Another common use is in issuing identity cards by national governments for use in electronically signing documents. Overview Trusted certificates can be used to create secure connections to a server via the Internet. A certificate is ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


Common Reference String Model
In cryptography, the common reference string (CRS) model captures the assumption that a trusted setup in which all involved parties get access to the same string ''crs'' taken from some distribution ''D'' exists. Schemes proven secure in the CRS model are secure given that the setup was performed correctly. The common reference string model is a generalization of the common random string model, in which ''D'' is the uniform distribution of bit strings. As stated in, the CRS model is equivalent to the ''reference string model'' and the ''public parameters model''.Ivan Damgård: Efficient Concurrent Zero-Knowledge in the Auxiliary String Model. EUROCRYPT 2000: 418–43(link)/ref> The CRS model has applications in the study of non-interactive zero-knowledge proofs and universal composability The framework of universal composability (UC) is a general-purpose model for the analysis of cryptographic protocols. It guarantees very strong security properties. Protocols remain secure even ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


Standard Model (cryptography)
In cryptography the standard model is the model of computation in which the adversary is only limited by the amount of time and computational power available. Other names used are bare model and plain model. Cryptographic schemes are usually based on complexity assumptions, which state that some problems, such as factorization, cannot be solved in polynomial time. Schemes that can be proven secure using only complexity assumptions are said to be secure in the standard model. Security proofs are notoriously difficult to achieve in the standard model, so in many proofs, cryptographic primitives are replaced by idealized versions. The most common example of this technique, known as the random oracle model, involves replacing a cryptographic hash function with a genuinely random function. Another example is the generic group model, where the adversary is given access to a randomly chosen encoding of a group, instead of the finite field or elliptic curve groups used in practice. O ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


Bit Commitment
A commitment scheme is a cryptographic primitive that allows one to commit to a chosen value (or chosen statement) while keeping it hidden to others, with the ability to reveal the committed value later.Oded Goldreich (2001). Foundations of Cryptography': Volume 1, Basic Tools. Cambridge University Press. . Commitment schemes are designed so that a party cannot change the value or statement after they have committed to it: that is, commitment schemes are ''binding''. Commitment schemes have important applications in a number of cryptographic protocols including secure coin flipping, zero-knowledge proofs, and secure computation. A way to visualize a commitment scheme is to think of a sender as putting a message in a locked box, and giving the box to a receiver. The message in the box is hidden from the receiver, who cannot open the lock themselves. Since the receiver has the box, the message inside cannot be changed—merely revealed if the sender chooses to give them the key ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


picture info

Identifiers
An identifier is a name that identifies (that is, labels the identity of) either a unique object or a unique ''class'' of objects, where the "object" or class may be an idea, person, physical countable object (or class thereof), or physical mass noun, noncountable substance (or class thereof). The abbreviation ID often refers to identity, identification (the process of identifying), or an identifier (that is, an instance of identification). An identifier may be a word, number, letter, symbol, or any combination of those. The words, numbers, letters, or symbols may follow an code, encoding system (wherein letters, digits, words, or symbols ''stand for'' [represent] ideas or longer names) or they may simply be arbitrary. When an identifier follows an encoding system, it is often referred to as a code or id code. For instance the ISO/IEC 11179 metadata registry standard defines a code as ''system of valid symbols that substitute for longer values'' in contrast to identifiers wi ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]


picture info

Mobile Device
A mobile device or handheld device is a computer small enough to hold and operate in hand. Mobile devices are typically battery-powered and possess a flat-panel display and one or more built-in input devices, such as a touchscreen or keypad. Modern mobile devices often emphasize wireless networking, to both the Internet and to other devices in their vicinity, such as headsets or in-car entertainment systems, via Wi-Fi, Bluetooth, cellular networks, or near-field communication. Characteristics Device mobility can be viewed in the context of several qualities: * Physical dimensions and weight * Whether the device is mobile or some kind of host to which it is attached is mobile * What kind of host devices it can be bound with * How devices communicate with a host * When mobility occurs Strictly speaking, many so-called mobile devices are not mobile. It is the host that is mobile, i.e., a mobile human host carries a non-mobile smartphone device. An example of a true mobile co ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   [Amazon]