International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: David and Goliath Commitments: UC Computation for Asymmetric Parties Using Tamper-Proof Hardware

Tal Moran
Gil Segev
Search ePrint
Search Google
Abstract: Designing secure protocols in the Universal Composability (UC) framework confers many advantages. In particular, it allows the protocols to be securely used as building blocks in more complex protocols, and assists in understanding their security properties. Unfortunately, most existing models in which universally composable computation is possible (for useful functionalities) require a trusted setup stage. Recently, Katz [Eurocrypt '07] proposed an alternative to the trusted setup assumption: tamper-proof hardware. Instead of trusting a third party to correctly generate the setup information, each party can create its own hardware tokens, which it sends to the other parties. Each party is only required to trust that its own tokens are tamper-proof. Katz designed a UC commitment protocol that requires both parties to generate hardware tokens. In addition, his protocol relies on a specific number-theoretic assumption. In this paper, we construct UC commitment protocols for ``David'' and ``Goliath'': we only require a single party (Goliath) to be capable of generating tokens. We construct a version of the protocol that is secure for computationally unbounded parties, and a more efficient version that makes computational assumptions only about David (we require only the existence of a one-way function). Our protocols are simple enough to be performed by hand on David's side. These properties may allow such protocols to be used in situations which are inherently asymmetric in real-life, especially those involving individuals versus large organizations. Classic examples include voting protocols (voters versus ``the government'') and protocols involving private medical data (patients versus insurance-agencies or hospitals).
  title={David and Goliath Commitments: UC Computation for Asymmetric Parties Using Tamper-Proof Hardware},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / Universal Composability, Tamper-Proof Hardware},
  note={Eurocrypt 2008; This is a longer version of the paper 13909 received 29 Jan 2008, last revised 31 Jan 2008},
  author={Tal Moran and Gil Segev},