Wikipedia

Secure two-party computation: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
OAbot (talk | contribs)
Bots
643,717 edits
m Open access bot: doi updated in citation with #oabot.
Citation bot (talk | contribs)
Bots
5,868,250 edits
Removed proxy/dead URL that duplicated identifier. | Use this bot. Report bugs. | Suggested by Corvus florensis | #UCB_webform 1312/1612
Line 7:
 
==Security==
The security of a two-party computation protocol is usually defined through a comparison with an idealised scenario that is secure by definition.<ref>{{Cite journal |last1=Lindell |first1=Yehuda |last2=Pinkas |first2=Benny |title=An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries |url=http://link.springer.com/10.1007/s00145-014-9177-x |journal=Journal of Cryptology |year=2015 |language=en |volume=28 |issue=2 |pages=312–350 |doi=10.1007/s00145-014-9177-x |s2cid=253638839 |issn=0933-2790|doi-access=free }}</ref> The idealised scenario involves a [[Trusted third party|trusted party]] that collects the input of the two parties mostly client and server over [[secure channel]]s and returns the result if none of the parties chooses to abort.<ref>{{Citation |last1=Crépeau |first1=Claude |title=Statistical Security Conditions for Two-Party Secure Function Evaluation |date=2008 |url=http://link.springer.com/10.1007/978-3-540-85093-9_9 |work=Information Theoretic Security |volume=5155 |pages=86–99 |editor-last=Safavi-Naini |editor-first=Reihaneh |place=Berlin, Heidelberg |publisher=Springer Berlin Heidelberg |language=en |doi=10.1007/978-3-540-85093-9_9 |isbn=978-3-540-85092-2 |access-date=2022-10-19 |last2=Wullschleger |first2=Jürg|series=Lecture Notes in Computer Science }}</ref> The cryptographic two-party computation protocol is secure, if it behaves no worse than this ideal protocol, but without the additional [[trust (social sciences)|trust]] [[:wikt:assumption|assumptions]]. This is usually modeled using a simulator. The task of the simulator is to act as a wrapper around the idealised protocol to make it appear like the cryptographic protocol. The simulation succeeds with respect to an [[Information theory|information theoretic]], respectively [[computationally bounded adversary]] if the output of the simulator is [[statistically close]] to, respectively [[computationally indistinguishable]] from the output of the cryptographic protocol. A two-party computation protocol is secure if for all adversaries there exists a successful simulator.
 
==See also==
Retrieved from "https://en.wikipedia.org/wiki/Secure_two-party_computation"