Abstract
We propose a new security measure for commitment protocols, called Universally Composable (UC) Commitment. The measure guarantees that commitment protocols behave like an "ideal commitment service," even when concurrently composed with an arbitrary set of protocols. This is a strong guarantee: it implies that security is maintained even when an unbounded number of copies of the scheme are running concurrently, it implies non-malleability (not only with respect to other copies of the same protocol but even with respect to other protocols), it provides resilience to selective decommitment, and more. Unfortunately, two-party UC commitment protocols do not exist in the plain model. However, we construct two-party UC commitment protocols, based on general complexity assumptions, in the common reference string model where all parties have access to a common string taken from a predetermined distribution. The protocols are non-interactive, in the sense that both the commitment and the opening phases consist of a single message from the committer to the receiver. © Springer-Verlag Berlin Heidelberg 2001.
Author supplied keywords
Cite
CITATION STYLE
Canetti, R., & Fischlin, M. (2001). Universally composable commitments. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2139 LNCS, pp. 19–40). Springer Verlag. https://doi.org/10.1007/3-540-44647-8_2
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
