[{"project":[{"_id":"258AA5B2-B435-11E9-9278-68D0E5697425","name":"Teaching Old Crypto New Tricks","grant_number":"682815","call_identifier":"H2020"}],"status":"public","date_published":"2021-11-04T00:00:00Z","conference":{"location":"Raleigh, NC, United States","name":"TCC: Theory of Cryptography Conference","start_date":"2021-11-08","end_date":"2021-11-11"},"ec_funded":1,"external_id":{"isi":["000728364000014"]},"year":"2021","isi":1,"page":"397-428","quality_controlled":"1","main_file_link":[{"url":"https://eprint.iacr.org/2021/1224","open_access":"1"}],"publisher":"Springer Nature","doi":"10.1007/978-3-030-90453-1_14","alternative_title":["LNCS"],"article_processing_charge":"No","type":"conference","date_updated":"2023-08-14T13:07:46Z","_id":"10407","language":[{"iso":"eng"}],"oa":1,"user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","citation":{"chicago":"Chakraborty, Suvradip, Stefan Dziembowski, Małgorzata Gałązka, Tomasz Lizurej, Krzysztof Z Pietrzak, and Michelle X Yeo. “Trojan-Resilience without Cryptography,” 13043:397–428. Springer Nature, 2021. <a href=\"https://doi.org/10.1007/978-3-030-90453-1_14\">https://doi.org/10.1007/978-3-030-90453-1_14</a>.","ista":"Chakraborty S, Dziembowski S, Gałązka M, Lizurej T, Pietrzak KZ, Yeo MX. 2021. Trojan-resilience without cryptography. TCC: Theory of Cryptography Conference, LNCS, vol. 13043, 397–428.","apa":"Chakraborty, S., Dziembowski, S., Gałązka, M., Lizurej, T., Pietrzak, K. Z., &#38; Yeo, M. X. (2021). Trojan-resilience without cryptography (Vol. 13043, pp. 397–428). Presented at the TCC: Theory of Cryptography Conference, Raleigh, NC, United States: Springer Nature. <a href=\"https://doi.org/10.1007/978-3-030-90453-1_14\">https://doi.org/10.1007/978-3-030-90453-1_14</a>","mla":"Chakraborty, Suvradip, et al. <i>Trojan-Resilience without Cryptography</i>. Vol. 13043, Springer Nature, 2021, pp. 
397–428, doi:<a href=\"https://doi.org/10.1007/978-3-030-90453-1_14\">10.1007/978-3-030-90453-1_14</a>.","ama":"Chakraborty S, Dziembowski S, Gałązka M, Lizurej T, Pietrzak KZ, Yeo MX. Trojan-resilience without cryptography. In: Vol 13043. Springer Nature; 2021:397-428. doi:<a href=\"https://doi.org/10.1007/978-3-030-90453-1_14\">10.1007/978-3-030-90453-1_14</a>","ieee":"S. Chakraborty, S. Dziembowski, M. Gałązka, T. Lizurej, K. Z. Pietrzak, and M. X. Yeo, “Trojan-resilience without cryptography,” presented at the TCC: Theory of Cryptography Conference, Raleigh, NC, United States, 2021, vol. 13043, pp. 397–428.","short":"S. Chakraborty, S. Dziembowski, M. Gałązka, T. Lizurej, K.Z. Pietrzak, M.X. Yeo, in:, Springer Nature, 2021, pp. 397–428."},"month":"11","department":[{"_id":"KrPi"}],"abstract":[{"text":"Digital hardware Trojans are integrated circuits whose implementation differs from the specification in an arbitrary and malicious way. For example, the circuit can differ from its specified input/output behavior after some fixed number of queries (known as “time bombs”) or on some particular input (known as “cheat codes”). To detect such Trojans, countermeasures using multiparty computation (MPC) or verifiable computation (VC) have been proposed. On a high level, to realize a circuit with specification   F  one has more sophisticated circuits   F⋄  manufactured (where   F⋄  specifies an MPC or VC of   F ), and then embeds these   F⋄ ’s into a master circuit which must be trusted but is relatively simple compared to   F . Those solutions impose a significant overhead as   F⋄  is much more complex than   F ; also, the master circuits are not exactly trivial. In this work, we show that in restricted settings, where   F  has no evolving state and is queried on independent inputs, we can achieve a relaxed security notion using very simple constructions. In particular, we do not change the specification of the circuit at all (i.e.,   F=F⋄ ). 
Moreover the master circuit basically just queries a subset of its manufactured circuits and checks if they’re all the same. The security we achieve guarantees that, if the manufactured circuits are initially tested on up to T inputs, the master circuit will catch Trojans that try to deviate on significantly more than a 1/T fraction of the inputs. This bound is optimal for the type of construction considered, and we provably achieve it using a construction where 12 instantiations of   F  need to be embedded into the master. We also discuss an extremely simple construction with just 2 instantiations for which we conjecture that it already achieves the optimal bound.","lang":"eng"}],"intvolume":"     13043","publication_identifier":{"eissn":["1611-3349"],"issn":["0302-9743"],"isbn":["9-783-0309-0452-4"]},"publication_status":"published","oa_version":"Preprint","title":"Trojan-resilience without cryptography","author":[{"last_name":"Chakraborty","full_name":"Chakraborty, Suvradip","id":"B9CD0494-D033-11E9-B219-A439E6697425","first_name":"Suvradip"},{"last_name":"Dziembowski","full_name":"Dziembowski, Stefan","first_name":"Stefan"},{"first_name":"Małgorzata","full_name":"Gałązka, Małgorzata","last_name":"Gałązka"},{"first_name":"Tomasz","full_name":"Lizurej, Tomasz","last_name":"Lizurej"},{"id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","full_name":"Pietrzak, Krzysztof Z","last_name":"Pietrzak","orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z"},{"first_name":"Michelle X","id":"2D82B818-F248-11E8-B48F-1D18A9856A87","full_name":"Yeo, Michelle X","last_name":"Yeo"}],"scopus_import":"1","day":"04","date_created":"2021-12-05T23:01:42Z","volume":13043},{"date_created":"2022-01-09T23:01:27Z","volume":13091,"title":"Reverse firewalls for adaptively secure MPC without setup","oa_version":"Preprint","day":"01","scopus_import":"1","author":[{"first_name":"Suvradip","id":"B9CD0494-D033-11E9-B219-A439E6697425","full_name":"Chakraborty, 
Suvradip","last_name":"Chakraborty"},{"first_name":"Chaya","full_name":"Ganesh, Chaya","last_name":"Ganesh"},{"full_name":"Pancholi, Mahak","last_name":"Pancholi","first_name":"Mahak"},{"first_name":"Pratik","last_name":"Sarkar","full_name":"Sarkar, Pratik"}],"publication_identifier":{"issn":["0302-9743"],"isbn":["978-3-030-92074-6"],"eissn":["1611-3349"],"eisbn":["978-3-030-92075-3"]},"publication_status":"published","abstract":[{"text":"We study Multi-party computation (MPC) in the setting of subversion, where the adversary tampers with the machines of honest parties. Our goal is to construct actively secure MPC protocols where parties are corrupted adaptively by an adversary (as in the standard adaptive security setting), and in addition, honest parties’ machines are compromised.\r\nThe idea of reverse firewalls (RF) was introduced at EUROCRYPT’15 by Mironov and Stephens-Davidowitz as an approach to protecting protocols against corruption of honest parties’ devices. Intuitively, an RF for a party   P  is an external entity that sits between   P  and the outside world and whose scope is to sanitize   P ’s incoming and outgoing messages in the face of subversion of their computer. Mironov and Stephens-Davidowitz constructed a protocol for passively-secure two-party computation. At CRYPTO’20, Chakraborty, Dziembowski and Nielsen constructed a protocol for secure computation with firewalls that improved on this result, both by extending it to multi-party computation protocol, and considering active security in the presence of static corruptions. In this paper, we initiate the study of RF for MPC in the adaptive setting. We put forward a definition for adaptively secure MPC in the reverse firewall setting, explore relationships among the security notions, and then construct reverse firewalls for MPC in this stronger setting of adaptive security. 
We also resolve the open question of Chakraborty, Dziembowski and Nielsen by removing the need for a trusted setup in constructing RF for MPC. Towards this end, we construct reverse firewalls for adaptively secure augmented coin tossing and adaptively secure zero-knowledge protocols and obtain a constant round adaptively secure MPC protocol in the reverse firewall setting without setup. Along the way, we propose a new multi-party adaptively secure coin tossing protocol in the plain model, that is of independent interest.","lang":"eng"}],"intvolume":"     13091","department":[{"_id":"KrPi"}],"month":"12","user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","citation":{"ama":"Chakraborty S, Ganesh C, Pancholi M, Sarkar P. Reverse firewalls for adaptively secure MPC without setup. In: <i>27th International Conference on the Theory and Application of Cryptology and Information Security</i>. Vol 13091. Springer Nature; 2021:335-364. doi:<a href=\"https://doi.org/10.1007/978-3-030-92075-3_12\">10.1007/978-3-030-92075-3_12</a>","ieee":"S. Chakraborty, C. Ganesh, M. Pancholi, and P. Sarkar, “Reverse firewalls for adaptively secure MPC without setup,” in <i>27th International Conference on the Theory and Application of Cryptology and Information Security</i>, Virtual, Singapore, 2021, vol. 13091, pp. 335–364.","short":"S. Chakraborty, C. Ganesh, M. Pancholi, P. Sarkar, in:, 27th International Conference on the Theory and Application of Cryptology and Information Security, Springer Nature, 2021, pp. 335–364.","chicago":"Chakraborty, Suvradip, Chaya Ganesh, Mahak Pancholi, and Pratik Sarkar. “Reverse Firewalls for Adaptively Secure MPC without Setup.” In <i>27th International Conference on the Theory and Application of Cryptology and Information Security</i>, 13091:335–64. Springer Nature, 2021. <a href=\"https://doi.org/10.1007/978-3-030-92075-3_12\">https://doi.org/10.1007/978-3-030-92075-3_12</a>.","ista":"Chakraborty S, Ganesh C, Pancholi M, Sarkar P. 2021. 
Reverse firewalls for adaptively secure MPC without setup. 27th International Conference on the Theory and Application of Cryptology and Information Security. ASIACRYPT: International Conference on Cryptology in Asia, LNCS, vol. 13091, 335–364.","apa":"Chakraborty, S., Ganesh, C., Pancholi, M., &#38; Sarkar, P. (2021). Reverse firewalls for adaptively secure MPC without setup. In <i>27th International Conference on the Theory and Application of Cryptology and Information Security</i> (Vol. 13091, pp. 335–364). Virtual, Singapore: Springer Nature. <a href=\"https://doi.org/10.1007/978-3-030-92075-3_12\">https://doi.org/10.1007/978-3-030-92075-3_12</a>","mla":"Chakraborty, Suvradip, et al. “Reverse Firewalls for Adaptively Secure MPC without Setup.” <i>27th International Conference on the Theory and Application of Cryptology and Information Security</i>, vol. 13091, Springer Nature, 2021, pp. 335–64, doi:<a href=\"https://doi.org/10.1007/978-3-030-92075-3_12\">10.1007/978-3-030-92075-3_12</a>."},"language":[{"iso":"eng"}],"oa":1,"type":"conference","_id":"10609","date_updated":"2023-08-17T06:34:41Z","publisher":"Springer Nature","alternative_title":["LNCS"],"article_processing_charge":"No","doi":"10.1007/978-3-030-92075-3_12","quality_controlled":"1","main_file_link":[{"url":"https://eprint.iacr.org/2021/1262","open_access":"1"}],"page":"335-364","external_id":{"isi":["000927876200012"]},"year":"2021","isi":1,"date_published":"2021-12-01T00:00:00Z","conference":{"location":"Virtual, Singapore","name":"ASIACRYPT: International Conference on Cryptology in Asia","end_date":"2021-12-10","start_date":"2021-12-06"},"ec_funded":1,"status":"public","publication":"27th International Conference on the Theory and Application of Cryptology and Information Security","project":[{"call_identifier":"H2020","name":"Teaching Old Crypto New 
Tricks","grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425"}]},{"year":"2021","project":[{"call_identifier":"H2020","grant_number":"665385","name":"International IST Doctoral Program","_id":"2564DBCA-B435-11E9-9278-68D0E5697425"},{"grant_number":"682815","name":"Teaching Old Crypto New Tricks","call_identifier":"H2020","_id":"258AA5B2-B435-11E9-9278-68D0E5697425"}],"status":"public","publication":"Topics in Cryptology – CT-RSA 2021","acknowledgement":"Guillermo Pascual-Perez and Michelle Yeo were funded by the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska–Curie Grant Agreement No. 665385; the remaining contributors to this project have received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT).","date_published":"2021-05-11T00:00:00Z","conference":{"name":"CT-RSA: Cryptographers’ Track at the RSA Conference","start_date":"2021-05-17","end_date":"2021-05-20","location":"Virtual Event"},"ec_funded":1,"publisher":"Springer Nature","doi":"10.1007/978-3-030-75539-3_17","article_processing_charge":"No","alternative_title":["LNCS"],"type":"conference","date_updated":"2023-02-23T14:09:56Z","_id":"9826","page":"399-421","quality_controlled":"1","main_file_link":[{"url":"https://eprint.iacr.org/2020/670","open_access":"1"}],"month":"05","department":[{"_id":"KrPi"},{"_id":"GradSch"}],"language":[{"iso":"eng"}],"oa":1,"user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","citation":{"ama":"Auerbach B, Chakraborty S, Klein K, et al. Inverse-Sybil attacks in automated contact tracing. In: <i>Topics in Cryptology – CT-RSA 2021</i>. Vol 12704. Springer Nature; 2021:399-421. doi:<a href=\"https://doi.org/10.1007/978-3-030-75539-3_17\">10.1007/978-3-030-75539-3_17</a>","ieee":"B. Auerbach <i>et al.</i>, “Inverse-Sybil attacks in automated contact tracing,” in <i>Topics in Cryptology – CT-RSA 2021</i>, Virtual Event, 2021, vol. 
12704, pp. 399–421.","short":"B. Auerbach, S. Chakraborty, K. Klein, G. Pascual Perez, K.Z. Pietrzak, M. Walter, M.X. Yeo, in:, Topics in Cryptology – CT-RSA 2021, Springer Nature, 2021, pp. 399–421.","ista":"Auerbach B, Chakraborty S, Klein K, Pascual Perez G, Pietrzak KZ, Walter M, Yeo MX. 2021. Inverse-Sybil attacks in automated contact tracing. Topics in Cryptology – CT-RSA 2021. CT-RSA: Cryptographers’ Track at the RSA Conference, LNCS, vol. 12704, 399–421.","chicago":"Auerbach, Benedikt, Suvradip Chakraborty, Karen Klein, Guillermo Pascual Perez, Krzysztof Z Pietrzak, Michael Walter, and Michelle X Yeo. “Inverse-Sybil Attacks in Automated Contact Tracing.” In <i>Topics in Cryptology – CT-RSA 2021</i>, 12704:399–421. Springer Nature, 2021. <a href=\"https://doi.org/10.1007/978-3-030-75539-3_17\">https://doi.org/10.1007/978-3-030-75539-3_17</a>.","apa":"Auerbach, B., Chakraborty, S., Klein, K., Pascual Perez, G., Pietrzak, K. Z., Walter, M., &#38; Yeo, M. X. (2021). Inverse-Sybil attacks in automated contact tracing. In <i>Topics in Cryptology – CT-RSA 2021</i> (Vol. 12704, pp. 399–421). Virtual Event: Springer Nature. <a href=\"https://doi.org/10.1007/978-3-030-75539-3_17\">https://doi.org/10.1007/978-3-030-75539-3_17</a>","mla":"Auerbach, Benedikt, et al. “Inverse-Sybil Attacks in Automated Contact Tracing.” <i>Topics in Cryptology – CT-RSA 2021</i>, vol. 12704, Springer Nature, 2021, pp. 
399–421, doi:<a href=\"https://doi.org/10.1007/978-3-030-75539-3_17\">10.1007/978-3-030-75539-3_17</a>."},"title":"Inverse-Sybil attacks in automated contact tracing","oa_version":"Submitted Version","author":[{"orcid":"0000-0002-7553-6606","first_name":"Benedikt","last_name":"Auerbach","full_name":"Auerbach, Benedikt","id":"D33D2B18-E445-11E9-ABB7-15F4E5697425"},{"first_name":"Suvradip","full_name":"Chakraborty, Suvradip","id":"B9CD0494-D033-11E9-B219-A439E6697425","last_name":"Chakraborty"},{"full_name":"Klein, Karen","id":"3E83A2F8-F248-11E8-B48F-1D18A9856A87","last_name":"Klein","first_name":"Karen"},{"first_name":"Guillermo","id":"2D7ABD02-F248-11E8-B48F-1D18A9856A87","full_name":"Pascual Perez, Guillermo","last_name":"Pascual Perez"},{"orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","full_name":"Pietrzak, Krzysztof Z","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","last_name":"Pietrzak"},{"id":"488F98B0-F248-11E8-B48F-1D18A9856A87","full_name":"Walter, Michael","last_name":"Walter","first_name":"Michael","orcid":"0000-0003-3186-2482"},{"first_name":"Michelle X","full_name":"Yeo, Michelle X","id":"2D82B818-F248-11E8-B48F-1D18A9856A87","last_name":"Yeo"}],"scopus_import":"1","day":"11","date_created":"2021-08-08T22:01:30Z","volume":12704,"abstract":[{"text":"Automated contact tracing aims at supporting manual contact tracing during pandemics by alerting users of encounters with infected people. There are currently many proposals for protocols (like the “decentralized” DP-3T and PACT or the “centralized” ROBERT and DESIRE) to be run on mobile phones, where the basic idea is to regularly broadcast (using low energy Bluetooth) some values, and at the same time store (a function of) incoming messages broadcast by users in their proximity. 
In the existing proposals one can trigger false positives on a massive scale by an “inverse-Sybil” attack, where a large number of devices (malicious users or hacked phones) pretend to be the same user, such that later, just a single person needs to be diagnosed (and allowed to upload) to trigger an alert for all users who were in proximity to any of this large group of devices.\r\n\r\nWe propose the first protocols that do not succumb to such attacks assuming the devices involved in the attack do not constantly communicate, which we observe is a necessary assumption. The high level idea of the protocols is to derive the values to be broadcasted by a hash chain, so that two (or more) devices who want to launch an inverse-Sybil attack will not be able to connect their respective chains and thus only one of them will be able to upload. Our protocols also achieve security against replay, belated replay, and one of them even against relay attacks.","lang":"eng"}],"intvolume":"     12704","publication_identifier":{"eissn":["16113349"],"issn":["03029743"],"isbn":["9783030755386"]},"publication_status":"published"},{"page":"220-246","main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2020/090"}],"quality_controlled":"1","doi":"10.1007/978-3-030-45374-9_8","article_processing_charge":"No","editor":[{"last_name":"Kiayias","full_name":"Kiayias, A","first_name":"A"}],"publisher":"Springer Nature","date_updated":"2023-09-05T15:10:02Z","_id":"10865","type":"book_chapter","series_title":"LNCS","publication":"Public-Key Cryptography","status":"public","acknowledgement":"We would like to thank the anonymous reviewers of PKC 2019 for their useful comments and suggestions. We thank Omer Paneth for pointing out to us the connection between Unique Witness Maps (UWM) and Witness encryption (WE). 
The first author would like to acknowledge Pandu Rangan for his involvement during the initial discussion phase of the project.","date_published":"2020-04-29T00:00:00Z","year":"2020","abstract":[{"lang":"eng","text":"We introduce the notion of Witness Maps as a cryptographic notion of a proof system. A Unique Witness Map (UWM) deterministically maps all witnesses for an   NP  statement to a single representative witness, resulting in a computationally sound, deterministic-prover, non-interactive witness independent proof system. A relaxation of UWM, called Compact Witness Map (CWM), maps all the witnesses to a small number of witnesses, resulting in a “lossy” deterministic-prover, non-interactive proof-system. We also define a Dual Mode Witness Map (DMWM) which adds an “extractable” mode to a CWM.\r\nOur main construction is a DMWM for all   NP  relations, assuming sub-exponentially secure indistinguishability obfuscation (  iO ), along with standard cryptographic assumptions. The DMWM construction relies on a CWM and a new primitive called Cumulative All-Lossy-But-One Trapdoor Functions (C-ALBO-TDF), both of which are in turn instantiated based on   iO  and other primitives. Our instantiation of a CWM is in fact a UWM; in turn, we show that a UWM implies Witness Encryption. Along the way to constructing UWM and C-ALBO-TDF, we also construct, from standard assumptions, Puncturable Digital Signatures and a new primitive called Cumulative Lossy Trapdoor Functions (C-LTDF). The former improves upon a construction of Bellare et al. 
(Eurocrypt 2016), who relied on sub-exponentially secure   iO  and sub-exponentially secure OWF.\r\nAs an application of our constructions, we show how to use a DMWM to construct the first leakage and tamper-resilient signatures with a deterministic signer, thereby solving a decade-old open problem posed by Katz and Vaikuntanathan (Asiacrypt 2009), by Boyle, Segev and Wichs (Eurocrypt 2011), as well as by Faonio and Venturi (Asiacrypt 2016). Our construction achieves the optimal leakage rate of   1−o(1) ."}],"intvolume":"     12110","publication_status":"published","publication_identifier":{"isbn":["9783030453732","9783030453749"],"issn":["0302-9743"],"eissn":["1611-3349"]},"author":[{"first_name":"Suvradip","full_name":"Chakraborty, Suvradip","id":"B9CD0494-D033-11E9-B219-A439E6697425","last_name":"Chakraborty"},{"first_name":"Manoj","last_name":"Prabhakaran","full_name":"Prabhakaran, Manoj"},{"last_name":"Wichs","full_name":"Wichs, Daniel","first_name":"Daniel"}],"scopus_import":"1","day":"29","oa_version":"Preprint","title":"Witness maps and applications","volume":12110,"date_created":"2022-03-18T11:35:51Z","oa":1,"language":[{"iso":"eng"}],"place":"Cham","citation":{"chicago":"Chakraborty, Suvradip, Manoj Prabhakaran, and Daniel Wichs. “Witness Maps and Applications.” In <i>Public-Key Cryptography</i>, edited by A Kiayias, 12110:220–46. LNCS. Cham: Springer Nature, 2020. <a href=\"https://doi.org/10.1007/978-3-030-45374-9_8\">https://doi.org/10.1007/978-3-030-45374-9_8</a>.","ista":"Chakraborty S, Prabhakaran M, Wichs D. 2020. Witness maps and applications. In: Public-Key Cryptography. vol. 12110, 220–246.","mla":"Chakraborty, Suvradip, et al. “Witness Maps and Applications.” <i>Public-Key Cryptography</i>, edited by A Kiayias, vol. 12110, Springer Nature, 2020, pp. 220–46, doi:<a href=\"https://doi.org/10.1007/978-3-030-45374-9_8\">10.1007/978-3-030-45374-9_8</a>.","apa":"Chakraborty, S., Prabhakaran, M., &#38; Wichs, D. (2020). Witness maps and applications. 
In A. Kiayias (Ed.), <i>Public-Key Cryptography</i> (Vol. 12110, pp. 220–246). Cham: Springer Nature. <a href=\"https://doi.org/10.1007/978-3-030-45374-9_8\">https://doi.org/10.1007/978-3-030-45374-9_8</a>","ama":"Chakraborty S, Prabhakaran M, Wichs D. Witness maps and applications. In: Kiayias A, ed. <i>Public-Key Cryptography</i>. Vol 12110. LNCS. Cham: Springer Nature; 2020:220-246. doi:<a href=\"https://doi.org/10.1007/978-3-030-45374-9_8\">10.1007/978-3-030-45374-9_8</a>","short":"S. Chakraborty, M. Prabhakaran, D. Wichs, in:, A. Kiayias (Ed.), Public-Key Cryptography, Springer Nature, Cham, 2020, pp. 220–246.","ieee":"S. Chakraborty, M. Prabhakaran, and D. Wichs, “Witness maps and applications,” in <i>Public-Key Cryptography</i>, vol. 12110, A. Kiayias, Ed. Cham: Springer Nature, 2020, pp. 220–246."},"user_id":"c635000d-4b10-11ee-a964-aac5a93f6ac1","month":"04"},{"year":"2020","conference":{"location":"Santa Barbara, CA, United States","name":"CRYPTO: Annual International Cryptology Conference","start_date":"2020-08-17","end_date":"2020-08-21"},"acknowledgement":"We would like to thank the anonymous reviewers for their helpful comments and suggestions. The work was initiated while the first author was in IIT Madras, India. Part of this work was done while the author was visiting the University of Warsaw. This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT) and from the Foundation for Polish Science under grant TEAM/2016-1/4 founded within the UE 2014–2020 Smart Growth Operational Program. 
The last author was supported by the Independent Research Fund Denmark project BETHE and the Concordium Blockchain Research Center, Aarhus University, Denmark.","date_published":"2020-08-10T00:00:00Z","ec_funded":1,"project":[{"call_identifier":"H2020","grant_number":"682815","name":"Teaching Old Crypto New Tricks","_id":"258AA5B2-B435-11E9-9278-68D0E5697425"}],"status":"public","publication":"Advances in Cryptology – CRYPTO 2020","type":"conference","date_updated":"2021-01-12T08:18:08Z","_id":"8322","publisher":"Springer Nature","doi":"10.1007/978-3-030-56880-1_26","article_processing_charge":"No","alternative_title":["LNCS"],"quality_controlled":"1","main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2019/1317"}],"page":"732-762","department":[{"_id":"KrPi"}],"month":"08","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","citation":{"mla":"Chakraborty, Suvradip, et al. “Reverse Firewalls for Actively Secure MPCs.” <i>Advances in Cryptology – CRYPTO 2020</i>, vol. 12171, Springer Nature, 2020, pp. 732–62, doi:<a href=\"https://doi.org/10.1007/978-3-030-56880-1_26\">10.1007/978-3-030-56880-1_26</a>.","apa":"Chakraborty, S., Dziembowski, S., &#38; Nielsen, J. B. (2020). Reverse firewalls for actively secure MPCs. In <i>Advances in Cryptology – CRYPTO 2020</i> (Vol. 12171, pp. 732–762). Santa Barbara, CA, United States: Springer Nature. <a href=\"https://doi.org/10.1007/978-3-030-56880-1_26\">https://doi.org/10.1007/978-3-030-56880-1_26</a>","ista":"Chakraborty S, Dziembowski S, Nielsen JB. 2020. Reverse firewalls for actively secure MPCs. Advances in Cryptology – CRYPTO 2020. CRYPTO: Annual International Cryptology Conference, LNCS, vol. 12171, 732–762.","chicago":"Chakraborty, Suvradip, Stefan Dziembowski, and Jesper Buus Nielsen. “Reverse Firewalls for Actively Secure MPCs.” In <i>Advances in Cryptology – CRYPTO 2020</i>, 12171:732–62. Springer Nature, 2020. 
<a href=\"https://doi.org/10.1007/978-3-030-56880-1_26\">https://doi.org/10.1007/978-3-030-56880-1_26</a>.","short":"S. Chakraborty, S. Dziembowski, J.B. Nielsen, in:, Advances in Cryptology – CRYPTO 2020, Springer Nature, 2020, pp. 732–762.","ieee":"S. Chakraborty, S. Dziembowski, and J. B. Nielsen, “Reverse firewalls for actively secure MPCs,” in <i>Advances in Cryptology – CRYPTO 2020</i>, Santa Barbara, CA, United States, 2020, vol. 12171, pp. 732–762.","ama":"Chakraborty S, Dziembowski S, Nielsen JB. Reverse firewalls for actively secure MPCs. In: <i>Advances in Cryptology – CRYPTO 2020</i>. Vol 12171. Springer Nature; 2020:732-762. doi:<a href=\"https://doi.org/10.1007/978-3-030-56880-1_26\">10.1007/978-3-030-56880-1_26</a>"},"language":[{"iso":"eng"}],"oa":1,"date_created":"2020-08-30T22:01:12Z","volume":12171,"oa_version":"Preprint","title":"Reverse firewalls for actively secure MPCs","author":[{"id":"B9CD0494-D033-11E9-B219-A439E6697425","full_name":"Chakraborty, Suvradip","last_name":"Chakraborty","first_name":"Suvradip"},{"last_name":"Dziembowski","full_name":"Dziembowski, Stefan","first_name":"Stefan"},{"last_name":"Nielsen","full_name":"Nielsen, Jesper Buus","first_name":"Jesper Buus"}],"day":"10","scopus_import":"1","publication_status":"published","publication_identifier":{"issn":["03029743"],"isbn":["9783030568795"],"eissn":["16113349"]},"abstract":[{"lang":"eng","text":"Reverse firewalls were introduced at Eurocrypt 2015 by Mironov and Stephens-Davidowitz, as a method for protecting cryptographic protocols against attacks on the devices of the honest parties. In a nutshell: a reverse firewall is placed outside of a device and its goal is to “sanitize” the messages sent by it, in such a way that a malicious device cannot leak its secrets to the outside world. It is typically assumed that the cryptographic devices are attacked in a “functionality-preserving way” (i.e. 
informally speaking, the functionality of the protocol remains unchanged under these attacks). In their paper, Mironov and Stephens-Davidowitz construct a protocol for passively-secure two-party computations with firewalls, leaving extension of this result to stronger models as an open question.\r\nIn this paper, we address this problem by constructing a protocol for secure computation with firewalls that has two main advantages over the original protocol from Eurocrypt 2015. Firstly, it is a multiparty computation protocol (i.e. it works for an arbitrary number n of parties, and not just for 2). Secondly, it is secure in much stronger corruption settings, namely in the active corruption model. More precisely: we consider an adversary that can fully corrupt up to 𝑛−1 parties, while the remaining parties are corrupted in a functionality-preserving way.\r\nOur core techniques are: malleable commitments and malleable non-interactive zero-knowledge, which in particular allow us to create a novel protocol for multiparty augmented coin-tossing into the well with reverse firewalls (that is based on a protocol of Lindell from Crypto 2001)."}],"intvolume":"     12171"}]
