Download now Free registration required
Composition theorems in simulation-based approaches allow building complex protocols from sub-protocols in a modular way. However, as first pointed out and studied by Canetti and Rabin, this modular approach often leads to impractical implementations. For example, when using functionality for digital signatures within a more complex protocol, parties have to generate new verification and signing keys for every session of the protocol. This motivates to generalize composition theorems to so-called joint state theorems, where different copies of functionality may share some state, e.g., the same verification and signing keys.
- Format: PDF
- Size: 638.1 KB