# Information Security and Cryptography Research Group

## Practical and Employable Protocols for UC-Secure Circuit Evaluation over Zn

### Jan Camenisch, Robert R. Enderlein, and Victor Shoup

Computer Security - ESORICS 2013 - 18th European Symposium on Research in Computer Security, Lecture Notes in Computer Science, Springer, vol. 8134, pp. 19–37, 2013.

We present a set of new, efficient, universally composable two-party protocols for evaluating reactive arithmetic circuits modulo n, where n is a safe RSA modulus of unknown factorization. Our protocols are based on a homomorphic encryption scheme with message space Z_n, zero-knowledge proofs of existence, and a novel "mixed" trapdoor commitment scheme. Our protocols are proven secure against adaptive corruptions (assuming secure erasures) under standard assumptions in the CRS model (without random oracles). Our protocols appear to be the most efficient ones that satisfy these security requirements. In contrast to prior protocols, we provide facilities that allow for the use of our protocols as building blocks of higher-level protocols. An additional contribution of this paper is a universally composable construction of the variant of the Dodis-Yampolskiy oblivious pseudorandom function in a group of order n as originally proposed by Jarecki and Liu.

## BibTeX Citation

@inproceedings{CaEnSh13,
author       = {Jan Camenisch and Robert R. Enderlein and Victor Shoup},
title        = {Practical and Employable Protocols for UC-Secure Circuit Evaluation over Zn},
editor       = {Jason Crampton and Sushil Jajodia and Keith Mayes},
booktitle    = {Computer Security - ESORICS 2013 - 18th European Symposium on Research in Computer Security},
pages        = 19--37,
series       = {Lecture Notes in Computer Science},
volume       = 8134,
year         = 2013,
publisher    = {Springer},
}