Score:0

Secure communication over insecure channel is based on the assumption of secure channel?

cn flag

Consider a scenario:data owners $C$ sends a $l$ bits value $x$ to parties $P_0$ and $P_1$ via additively secret sharing scheme, for example, $C$ randomly selects $r \in_R \{0, 1\}^l$, and sends $r$ to $P_0$ and $x-r$ to $P_1$. In insecure channel, adversary $\mathcal{A}$ could obtain $r$ and $x-r$ to construct secret $x$ by eavesdroping the channel.

But there a scheme: $C$ sends $\mbox{Enc}_{{pk}_0}(r)$ to $P_0$ and sends $\mbox{Enc}_{{pk}_1}(x-r)$ to $P_1$(i.e. privacy) ,and $C$ authenticates $r$ and $x-r$ by means of digital signature(i.e. authentication). So a secure commutation over an insecure channel is achieved.

My question is:does the above scheme require the assumption of a secure channel?

The key point of this problem is that we use some technologies to implement privacy and authentication on an insecure channel, and this insecure channel can be considered, but not a secure channel. We no longer need the assumption of a secure channel based on our technology, is this right?

cn flag
You have constructed a secure channel based on the assumption of a secure setup, i.e. the assumption that the public keys were distributed securely.
Yang avatar
cn flag
Thank you for your reply,so the assumption of my scheme is no longer the secure channel, but secure public key cryptography (and public key infrastructure) ?
Score:0
jp flag
Lev

The difference is that when discussing the MPC protocol, we abstract away the need for a secure channel.

My question is:does the above scheme require the assumption of a secure channel?

In the case you have an insecure channel, as you stated, if implemented correctly, one can construct a secure channel based on the security of your public key infrastructure.

Yang avatar
cn flag
In the computational setting the adversary is assumed to be polynomial-time. Results in this model typically assume cryptographic assumptions like the existence of trapdoor permutations. These are assumptions on the hardness of solving some problem (like factoring large integers) whose hardness has not actually be proven but is widely conjectured.We note that it is not necessary here to assume that the parties have access to ideally private channels, because such channels can be implemented using public-key encryption.
Yang avatar
cn flag
However, it is assumed that the communication channels between parties are authenticated; that is, if two honest parties communicate, then the adversary can eavesdrop but cannot modify any message that is sent. Such authentication can be achieved using digital signatures and a public-key infrastructure.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.