[Resource Topic] 2010/551: A Note on the Relation between the Definitions of Security for Semi-Honest and Malicious Adversaries

Welcome to the resource topic for 2010/551

Title:
A Note on the Relation between the Definitions of Security for Semi-Honest and Malicious Adversaries

Authors: Carmit Hazay, Yehuda Lindell

Abstract:

In secure computation, a set of parties wish to jointly compute some function of their private inputs while preserving security properties like privacy, correctness and more. The two main adversary models that have been considered are \emph{semi-honest} adversaries who follow the prescribed protocol but try to glean more information than allowed from the protocol transcript, and \emph{malicious} adversaries who can run any efficient strategy in order to carry out their attack. As such they can deviate at will from the prescribed protocol. One would naturally expect that any protocol that is secure in the presence of malicious adversaries will automatically be secure in the presence of semi-honest adversaries. However, due to a technicality in the definition, this is not necessarily true. In this brief note, we explain why this is the case, and show that a slight modification to the definition of semi-honest adversaries (specifically, allowing a semi-honest adversary to change its received input) suffices for fixing this anomaly. Our aim in publishing this note is to make this curious fact more known to the wider cryptographic community.

ePrint: https://eprint.iacr.org/2010/551

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .