Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol
Author(s)
Canetti, Ran; Cheung, Ling; Kaynar, Dilsun; Liskov, Moses; Lynch, Nancy; Olivier; Segala, Roberto
Download: MIT-CSAIL-TR-2005-055.ps (124.5Mb)
Other Contributors
Theory of Distributed Systems
Abstract
We demonstrate how to carry out cryptographic security analysis of distributed protocols within the Probabilistic I/O Automata framework of Lynch, Segala, and Vaandrager. This framework provides tools for arguing rigorously about the concurrency and scheduling aspects of protocols, and about protocols presented at different levels of abstraction. Consequently, it can help in making cryptographic analysis more precise and less susceptible to errors. We concentrate on a relatively simple two-party Oblivious Transfer protocol, in the presence of a semi-honest adversary (essentially, an eavesdropper). For the underlying cryptographic notion of security, we use a version of Canetti's Universally Composable security. In spite of the relative simplicity of the example, the exercise is quite nontrivial. It requires taking many fundamental issues into account, including nondeterministic behavior, scheduling, resource-bounded computation, and computational hardness assumptions for cryptographic primitives.
Date issued
2005-08-19
Other identifiers
MIT-CSAIL-TR-2005-055
MIT-LCS-TR-1001
Series/Report no.
Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory