International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Universally Composable Security: A New Paradigm for Cryptographic Protocols

Ran Canetti
Search ePrint
Search Google
Abstract: We present a general framework for representing cryptographic protocols and analyzing their security. The framework allows specifying the security requirements of practically any cryptographic task in a unified and systematic way. Furthermore, in this framework the security of protocols is maintained under a general protocol composition operation, called universal composition. The proposed framework with its security-preserving composition property allow for modular design and analysis of complex cryptographic protocols from relatively simple building blocks. Moreover, within this framework, protocols are guaranteed to maintain their security within any context, even in the presence of an unbounded number of arbitrary protocol instances that run concurrently in an adversarially controlled manner. This is a useful guarantee, that allows arguing about the security of cryptographic protocols in complex and unpredictable environments such as modern communication networks.
  title={Universally Composable Security: A New Paradigm for Cryptographic Protocols},
  booktitle={IACR Eprint archive},
  keywords={foundations / cryptographic protocols, security analysis of protocols, concurrent composition.},
  note={Extended Abstract appeared in proceedings of the 42nd Symposium on Foundations of Computer Science (FOCS), 2001. 13131 received 22 Dec 2000, last revised 13 Dec 2005},
  author={Ran Canetti},