Abstract-In a secure message transmission (SMT) scenario a sender wants to send a message in a private and reliable way to a receiver. Sender and receiver are connected by n vertex disjoint paths, referred to as wires, t of which can be controlled by an adaptive adversary with unlimited computational resources. In Eurocrypt 2008, Garay and Ostrovsky considered an SMT scenario where sender and receiver have access to a public discussion channel and showed that secure and reliable communication is possible when n ≥ t + 1. In this paper we will show that a secure protocol requires at least 3 rounds of communication and 2 rounds invocation of the public channel and hence give a complete answer to the open question raised by Garay and Ostrovsky. We also describe a round optimal protocol that has constant transmission rate over the public channel.
Secure message transmission assumes n channels between a sender and a receiver such that up to t channels are under the control of a computationally unlimited adversary. In secure message transmission by public discussion protocol, sender and receiver have access to a public authenticated channel. In this paper we show that if n ≥ t + 1, a secure protocol requires at least 3 rounds of communication and 2 rounds invocation of the public channel. This gives a complete answer to a question raised by Garay and Ostrovsky in Eurocrypt 2008. We also describe a round optimal protocol that has constant transmission rate over the public channel. I. INTRODUCTION Dolev, Dwork, Waarts and Yung [1] introduced SecureMessage Transmission (SMT) systems to address the problem of delivering a message chosen by a sender S to a receiver R in a network guaranteeing reliability and privacy. In the SMT model S is connected to R by n node disjoint paths, referred to as wires, of them at most t is controlled by the adversary with unlimited computational power. One of the main motivations for this model is to reduce connectivity requirement in secure multiparty protocols. Traditionally these protocols require a secure and reliable channel between every two nodes. This assumption cannot be satisfied in many scenarios and so it is natural to study implementation of secure and reliable point-topoint communication in these networks under reasonable assumptions. A perfectly secure message transmission or PSMT for short, guarantees that R always receive the sent message but the adversary does not learn anything about it.The original definition of perfect security and privacy was relaxed by Franklin and Wright [4] who considered SMT protocols with probabilistic security, referred to as almost SMT protocols in this paper. Almost SMT protocols have two parameters ε and δ, where ε upper bounds the advantage of the adversary in breaking privacy, and δ upper bounds the probability that R fails to recover the sent message. The special case with ε = δ = 0 is a PSMT protocol.Connectivity requirements of PSMT protocols for different number of rounds and constructions of optimal protocols have been widely studied [1], [3], [7]. In particular it was shown that PSMT is possible if and only if n ≥ 2t + 1. Franklin and Wright [4] considered a model where an additional reliable broadcast channel is available to S and R. A broadcast channel guarantees that all nodes of the network receive the same message. We refer to the model as Broadcast Model (BM). It was shown that PSMT in BM requires n ≥ 2t + 1 but
In Secure message transmission (SMT) protocols two nodes in a network want to communicate securely, given that some of the nodes in the network are corrupted by an adversary with unlimited computational power. An SMT protocol uses multiple paths between the sender and a receiver to guarantee privacy and reliability of the message transmission. An (ϵ, δ)-SMT protocol bounds the adversary's success probability of breaking privacy and reliability to ε and δ, respectively. Rate optimal SMT protocols have the smallest transmission rate (amount of communication per one bit of message). Rate optimal protocols have been constructed for a restricted set of parameters.In this paper we use wire virtualization method to construct new optimal protocols for a wide range of parameters using previously known optimal protocols. In particular, we design, for the first time, an optimal 1-round (0, δ)-SMT protocol for n = (2 + c)t, c ≥ 1 t , where n is the number of paths between the sender and the receiver, up to t of which are controlled by the adversary. We also design an optimal 2-round (0, 0)-SMT protocol for n = (2 + c)t, c ≥ 1 t , with communication cost better than the known protocols. The wire virtualization method can be used to construct other protocols with provable properties from component protocols.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.