Cryptography Reference
In-Depth Information
Wire-tapping versus the private-channel model
: The standard
assumption in cryptography is that the adversary may tap all
communication channels (between honest parties). In contrast,
one may
postulate
that the adversary cannot obtain messages
sent between a pair of honest parties, yielding the so-called
private-channel model
(cf. (25; 42)). The latter postulate may
be justified in some settings. Furthermore, it may be viewed as a
useful abstraction that provides a clean model for the study and
development of secure protocols. In this respect, it is important
to mention that, in a variety of settings of the other parameters,
private channels can be easily emulated by ordinary “tapped
channels”.
Broadcast channel
: In the multi-party context, one may postu-
late the existence of a
broadcast channel
(cf. (110)), and the
motivation and justifications are as in the case of the private-
channel model.
The
tamper-free assumption
: The standard assumption in the
area is that the adversary cannot modify, duplicate, or gener-
ate messages sent over the communication channels (between
honest parties). Again, this assumption can be justified in some
settings and can be emulated in others (cf., (18; 34)).
Network behavior
: Most works in the area assume that com-
munication is
synchronous
and that point-to-point channels
exist between every pair of processors (i.e., a
complete net-
work
). However, one may also consider
asynchronous communi-
cation
(cf. (23)) and
arbitrary networks
of point-to-point chan-
nels (cf. (51)).
Set-up assumptions:
Unless stated differently, we make no set-up
assumptions (except for the obvious assumption that all par-
ties have identical copies of the protocol's program). How-
ever, in some cases it is assumed that each party knows a
verification-key corresponding to each of the other parties (or
that a public-key infrastructure is available). Another assump-
tion, made more rarely, is that all parties have access to some
common (trusted) random string.