Abstract-In a secure message transmission (SMT) scenario a sender wants to send a message in a private and reliable way to a receiver. Sender and receiver are connected by n vertex disjoint paths, referred to as wires, t of which can be controlled by an adaptive adversary with unlimited computational resources. In Eurocrypt 2008, Garay and Ostrovsky considered an SMT scenario where sender and receiver have access to a public discussion channel and showed that secure and reliable communication is possible when n ≥ t + 1. In this paper we will show that a secure protocol requires at least 3 rounds of communication and 2 rounds invocation of the public channel and hence give a complete answer to the open question raised by Garay and Ostrovsky. We also describe a round optimal protocol that has constant transmission rate over the public channel.
Secure message transmission assumes n channels between a sender and a receiver such that up to t channels are under the control of a computationally unlimited adversary. In secure message transmission by public discussion protocol, sender and receiver have access to a public authenticated channel. In this paper we show that if n ≥ t + 1, a secure protocol requires at least 3 rounds of communication and 2 rounds invocation of the public channel. This gives a complete answer to a question raised by Garay and Ostrovsky in Eurocrypt 2008. We also describe a round optimal protocol that has constant transmission rate over the public channel. I. INTRODUCTION Dolev, Dwork, Waarts and Yung [1] introduced SecureMessage Transmission (SMT) systems to address the problem of delivering a message chosen by a sender S to a receiver R in a network guaranteeing reliability and privacy. In the SMT model S is connected to R by n node disjoint paths, referred to as wires, of them at most t is controlled by the adversary with unlimited computational power. One of the main motivations for this model is to reduce connectivity requirement in secure multiparty protocols. Traditionally these protocols require a secure and reliable channel between every two nodes. This assumption cannot be satisfied in many scenarios and so it is natural to study implementation of secure and reliable point-topoint communication in these networks under reasonable assumptions. A perfectly secure message transmission or PSMT for short, guarantees that R always receive the sent message but the adversary does not learn anything about it.The original definition of perfect security and privacy was relaxed by Franklin and Wright [4] who considered SMT protocols with probabilistic security, referred to as almost SMT protocols in this paper. Almost SMT protocols have two parameters ε and δ, where ε upper bounds the advantage of the adversary in breaking privacy, and δ upper bounds the probability that R fails to recover the sent message. The special case with ε = δ = 0 is a PSMT protocol.Connectivity requirements of PSMT protocols for different number of rounds and constructions of optimal protocols have been widely studied [1], [3], [7]. In particular it was shown that PSMT is possible if and only if n ≥ 2t + 1. Franklin and Wright [4] considered a model where an additional reliable broadcast channel is available to S and R. A broadcast channel guarantees that all nodes of the network receive the same message. We refer to the model as Broadcast Model (BM). It was shown that PSMT in BM requires n ≥ 2t + 1 but
Abstract. In Secure Message Transmission (SMT) problem, a sender S is connected to a receiver R through N node disjoint bidirectional paths in the network, t of which are controlled by an adversary with unlimited computational power. S wants to send a message m to R in a reliable and private way. It is proved that SMT is possible if and only if N ≥ 2t+1. In Reliable Message Transmission (RMT) problem, the network setting is the same and the goal is to provide reliability for communication, only. In this paper we focus on 1-round δ-RMT and (0, δ)-SMT where the chance of protocol failure (receiver cannot decode the sent message) is at most δ, and in the case of SMT, privacy is perfect. We propose a new approach to the construction of 1-round δ-RMT and (0, δ)-SMT for all connectivities N ≥ 2t + 1, using list decodable codes and message authentication codes. Our concrete constructions use folded Reed-Solomon codes and multireceiver message authentication codes. The protocols have optimal transmission rates and provide the highest reliability among all known comparable protocols. Important advantages of these constructions are, (i) they can be adapted to all connectivities, and (ii) have simple and direct security (privacy and reliability) proofs using properties of the underlying codes, and δ can be calculated from parameters of the underlying codes. We discuss our results in relation to previous work in this area and propose directions for future research.
In Secure message transmission (SMT) protocols two nodes in a network want to communicate securely, given that some of the nodes in the network are corrupted by an adversary with unlimited computational power. An SMT protocol uses multiple paths between the sender and a receiver to guarantee privacy and reliability of the message transmission. An (ϵ, δ)-SMT protocol bounds the adversary's success probability of breaking privacy and reliability to ε and δ, respectively. Rate optimal SMT protocols have the smallest transmission rate (amount of communication per one bit of message). Rate optimal protocols have been constructed for a restricted set of parameters.In this paper we use wire virtualization method to construct new optimal protocols for a wide range of parameters using previously known optimal protocols. In particular, we design, for the first time, an optimal 1-round (0, δ)-SMT protocol for n = (2 + c)t, c ≥ 1 t , where n is the number of paths between the sender and the receiver, up to t of which are controlled by the adversary. We also design an optimal 2-round (0, 0)-SMT protocol for n = (2 + c)t, c ≥ 1 t , with communication cost better than the known protocols. The wire virtualization method can be used to construct other protocols with provable properties from component protocols.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.