International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: On the Feasibility of Consistent Computations

Sven Laur
Helger Lipmaa
Search ePrint
Search Google
Abstract: In many practical settings, participants are willing to deviate from the protocol only if they remain undetected. Aumann and Lindell introduced a concept of covert adversaries to formalize this type of corruption. In the current paper, we refine their model to get stronger security guarantees. Namely, we show how to construct protocols, where malicious participants cannot learn anything beyond their intended outputs and honest participants can detect malicious behavior that alters their outputs. As this construction does not protect honest parties from selective protocol failures, a valid corruption complaint can leak a single bit of information about the inputs of honest parties. Importantly, it is often up to the honest party to decide whether to complain or not. This potential leakage is often compensated by gains in efficiency---many standard zero-knowledge proof steps can be omitted. As a concrete practical contribution, we show how to implement consistent versions of several important cryptographic protocols such as oblivious transfer, conditional disclosure of secrets and private inference control.
  title={On the Feasibility of Consistent Computations},
  booktitle={IACR Eprint archive},
  keywords={Consistency, equivocal   and extractable commitment, oblivious transfer, private inference   control},
  note={PKC 2010 (this is the full version) 14680 received 7 Mar 2006, last revised 12 Mar 2010},
  author={Sven Laur and Helger Lipmaa},