TY - GEN
T1 - On adaptive vs. Non-adaptive security of multiparty protocols
AU - Canetti, Ran
AU - Damgaard, Ivan
AU - Dziembowski, Stefan
AU - Ishai, Yuval
AU - Malkin, Tal
N1 - Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2001.
PY - 2001
Y1 - 2001
N2 - Security analysis of multiparty cryptographic protocols distinguishes between two types of adversarialsettings: In the non-adaptive setting, the set of corrupted parties is chosen in advance, before the interaction begins. In the adaptive setting, the adversary chooses who to corrupt during the course of the computation. We study the relations between adaptive security (i.e., security in the adaptive setting) and non-adaptive security, according to two definitions and in severalmo dels of computation. While affirming some prevailing beliefs, we also obtain some unexpected results. Some highlights of our results are: - According to the definition of Dodis-Micali-Rogaway (which is set in the information-theoretic model), adaptive and non-adaptive security are equivalent. This holds for both honest-but-curious and Byzantine adversaries, and for any number of parties. - According to the definition of Canetti, for honest-but-curious adversaries, adaptive security is equivalent to non-adaptive security when the number of parties is logarithmic, and is strictly stronger than non-adaptive security when the number of parties is superlogarithmic. For Byzantine adversaries, adaptive security is strictly stronger than non-adaptive security, for any number of parties.
AB - Security analysis of multiparty cryptographic protocols distinguishes between two types of adversarialsettings: In the non-adaptive setting, the set of corrupted parties is chosen in advance, before the interaction begins. In the adaptive setting, the adversary chooses who to corrupt during the course of the computation. We study the relations between adaptive security (i.e., security in the adaptive setting) and non-adaptive security, according to two definitions and in severalmo dels of computation. While affirming some prevailing beliefs, we also obtain some unexpected results. Some highlights of our results are: - According to the definition of Dodis-Micali-Rogaway (which is set in the information-theoretic model), adaptive and non-adaptive security are equivalent. This holds for both honest-but-curious and Byzantine adversaries, and for any number of parties. - According to the definition of Canetti, for honest-but-curious adversaries, adaptive security is equivalent to non-adaptive security when the number of parties is logarithmic, and is strictly stronger than non-adaptive security when the number of parties is superlogarithmic. For Byzantine adversaries, adaptive security is strictly stronger than non-adaptive security, for any number of parties.
UR - http://www.scopus.com/inward/record.url?scp=3242671938&partnerID=8YFLogxK
U2 - 10.1007/3-540-44987-6_17
DO - 10.1007/3-540-44987-6_17
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:3242671938
SN - 3540420703
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 262
EP - 279
BT - Advances in Cryptology - EUROCRYPT 2001 - International Conference on the Theory and Application of Cryptographic Techniques, Proceedings
A2 - Pfitzmann, Birgit
T2 - International Conference on the Theory and Application of Cryptographic Techniques, EUROCRYPT 2001
Y2 - 6 May 2001 through 10 May 2001
ER -