[MA] Composable Definitions of Long-Term Security for Commitment Schemes and their Applications

  • Name:

    Composable Definitions of Long-Term Security for Commitment Schemes and their Applications

  • Venue:

    https://i62bbb.tm.kit.edu/b/mic-7xx-rfr

  • Date:

    2021-03-25

  • Time:

    16:30

  • What happens if a cryptographic assumption eventually turns out not to hold and in which way does it affect the security of cryptographic protocols?

    One might consider on updating the security assumption and prove the security of the updated protocol with this new security assumption including the update procedure.
    But how to prove the security of the updated protocol and the update procedure?
    One way might be to prove the protocol in question as long-term UC secure, a security framework which assumes that an adversary is unbounded after the computation of the protocol is completed and therefore computational assumptions do not hold once the protocol has finished its computation.
    Additionally, for long-term UC security are impossibility results shown, especially for commitment protocols.
    Therefore the notion of long-term UC security may be too strong if one wants to prove security against adversaries that increase their computational power during the computation since such an adversary is still computationally bounded, even after the computation of a protocol is completed.

    In this thesis, we define a relaxed notion of long-term UC security, called F^post security.

    Additionally, we show an example of an update protocol.