TY - JOUR
T1 - Actively revealing card attack on card-based protocols
AU - Takashima, Ken
AU - Miyahara, Daiki
AU - Mizuki, Takaaki
AU - Sone, Hideaki
N1 - Funding Information:
This work was supported in part by JSPS KAKENHI Grant Numbers JP17K00001 and JP19J21153. We would like to thank the anonymous reviewers for their fruitful comments. Especially, the nice idea behind the protocol presented in Sect. was brought us by a reviewer.
Publisher Copyright:
© 2021, The Author(s).
PY - 2022/12
Y1 - 2022/12
N2 - In 1989, den Boer presented the first card-based protocol, called the “five-card trick,” that securely computes the AND function using a deck of physical cards via a series of actions such as shuffling and turning over cards. This protocol enables a couple to confirm their mutual love without revealing their individual feelings. During such a secure computation protocol, it is important to keep any information about the inputs secret. Almost all existing card-based protocols are secure under the assumption that all players participating in a protocol are semi-honest or covert, i.e., they do not deviate from the protocol if there is a chance that they will be caught when cheating. In this paper, we consider a more malicious attack in which a player as an active adversary can reveal cards illegally without any hesitation. Against such an actively revealing card attack, we define the t-secureness, meaning that no information about the inputs leaks even if at most t cards are revealed illegally. We then actually design t-secure AND protocols. Thus, our contribution is the construction of the first formal framework to handle actively revealing card attacks as well as their countermeasures.
AB - In 1989, den Boer presented the first card-based protocol, called the “five-card trick,” that securely computes the AND function using a deck of physical cards via a series of actions such as shuffling and turning over cards. This protocol enables a couple to confirm their mutual love without revealing their individual feelings. During such a secure computation protocol, it is important to keep any information about the inputs secret. Almost all existing card-based protocols are secure under the assumption that all players participating in a protocol are semi-honest or covert, i.e., they do not deviate from the protocol if there is a chance that they will be caught when cheating. In this paper, we consider a more malicious attack in which a player as an active adversary can reveal cards illegally without any hesitation. Against such an actively revealing card attack, we define the t-secureness, meaning that no information about the inputs leaks even if at most t cards are revealed illegally. We then actually design t-secure AND protocols. Thus, our contribution is the construction of the first formal framework to handle actively revealing card attacks as well as their countermeasures.
KW - Active security
KW - Card-based protocols
KW - Cryptography
KW - Secure multiparty computations
UR - http://www.scopus.com/inward/record.url?scp=85100857353&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85100857353&partnerID=8YFLogxK
U2 - 10.1007/s11047-020-09838-8
DO - 10.1007/s11047-020-09838-8
M3 - Article
AN - SCOPUS:85100857353
SN - 1567-7818
VL - 21
SP - 615
EP - 628
JO - Natural Computing
JF - Natural Computing
IS - 4
ER -