{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T10:59:00Z","timestamp":1778065140594,"version":"3.51.4"},"reference-count":56,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2018,2,12]],"date-time":"2018-02-12T00:00:00Z","timestamp":1518393600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2019,7]]},"DOI":"10.1007\/s00145-018-9279-y","type":"journal-article","created":{"date-parts":[[2018,2,12]],"date-time":"2018-02-12T18:00:25Z","timestamp":1518458425000},"page":"690-741","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["Probabilistic Termination and Composability of Cryptographic Protocols"],"prefix":"10.1007","volume":"32","author":[{"given":"Ran","family":"Cohen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sandro","family":"Coretti","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Juan","family":"Garay","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vassilis","family":"Zikas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,2,12]]},"reference":[{"key":"9279_CR1","doi-asserted-by":"crossref","unstructured":"G. Asharov, A. Jain, A. L\u00f3pez-Alt, E. Tromer, V. Vaikuntanathan, D. Wichs, Multiparty computation with low communication, computation and interaction via threshold FHE, in David Pointcheval and Thomas Johansson, editors, EUROCRYPT 2012. LNCS, vol. 7237 (Springer, April, 2012), pp. 483\u2013501","DOI":"10.1007\/978-3-642-29011-4_29"},{"key":"9279_CR2","unstructured":"G. Asharov, Y. Lindell, A full proof of the BGW protocol for perfectly-secure multiparty computation. Electronic Colloquium on Computational Complexity (ECCC), 18:36, (2011)"},{"key":"9279_CR3","doi-asserted-by":"crossref","unstructured":"D. Beaver, S. Micali, P. Rogaway, The round complexity of secure protocols (extended abstract), in 22nd ACM STOC. (ACM Press, May 1990), pp. 503\u2013513","DOI":"10.1145\/100216.100287"},{"key":"9279_CR4","doi-asserted-by":"crossref","unstructured":"M. Ben-Or, Another advantage of free choice: Completely asynchronous agreement protocols (extended abstract), in Robert L. Probert, Nancy A. Lynch, and Nicola Santoro, editors, 2nd ACM PODC. (ACM Press, August 1983), pp. 27\u201330","DOI":"10.1145\/800221.806707"},{"issue":"4","key":"9279_CR5","doi-asserted-by":"publisher","first-page":"249","DOI":"10.1007\/s00446-002-0083-3","volume":"16","author":"M Ben-Or","year":"2003","unstructured":"M. Ben-Or, R. El-Yaniv, Resilient-optimal interactive consistency in constant time. Distributed Computing, 16(4):249\u2013262, (2003)","journal-title":"Distributed Computing"},{"key":"9279_CR6","doi-asserted-by":"crossref","unstructured":"M. Ben-Or, S. Goldwasser, A. Wigderson, Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract), in 20th ACM STOC. (ACM Press, May 1988), pp. 1\u201310","DOI":"10.1145\/62212.62213"},{"key":"9279_CR7","doi-asserted-by":"crossref","unstructured":"G. Bracha, An asynchronous [(n-1)\/3]-resilient consensus protocol, in Robert L. Probert, Nancy A. Lynch, and Nicola Santoro, editors, 3rd ACM PODC. (ACM Press, August 1984), pp. 154\u2013162","DOI":"10.1145\/800222.806743"},{"key":"9279_CR8","doi-asserted-by":"crossref","unstructured":"C. Cachin, K. Kursawe, F. Petzold, V. Shoup, Secure and efficient asynchronous broadcast protocols, in Joe Kilian, editor, CRYPTO 2001. LNCS, vol. 2139 (Springer, August 2001), pp. 524\u2013541","DOI":"10.1007\/3-540-44647-8_31"},{"issue":"1","key":"9279_CR9","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/s001459910006","volume":"13","author":"R Canetti","year":"2000","unstructured":"R. Canetti, Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 13(1):143\u2013202, (2000)","journal-title":"Journal of Cryptology"},{"key":"9279_CR10","doi-asserted-by":"crossref","unstructured":"R. Canetti, Universally composable security: A new paradigm for cryptographic protocols, in 42nd FOCS. (IEEE Computer Society Press, October 2001), pp. 136\u2013145","DOI":"10.1109\/SFCS.2001.959888"},{"key":"9279_CR11","unstructured":"R. Canetti, Universally composable signature, certification, and authentication, in 17th IEEE Computer Security Foundations Workshop, (CSFW-17). (2004), pp. 219\u2013235"},{"key":"9279_CR12","doi-asserted-by":"crossref","unstructured":"R. Canetti, A. Cohen, Y. Lindell, A simpler variant of universally composable security for standard multiparty computation, in Rosario Gennaro and Matthew Robshaw, editors, CRYPTO 2015, Part II. LNCS, vol. 9216 (Springer, August 2015), pp. 3\u201322","DOI":"10.1007\/978-3-662-48000-7_1"},{"key":"9279_CR13","doi-asserted-by":"crossref","unstructured":"R. Canetti, Y. Lindell, R. Ostrovsky, A. Sahai, Universally composable two-party and multi-party secure computation, in 34th ACM STOC, (ACM Press, May 2002), pp. 494\u2013503","DOI":"10.1145\/509907.509980"},{"key":"9279_CR14","doi-asserted-by":"crossref","unstructured":"R. Canetti, T. Rabin, Universal composition with joint state, in Dan Boneh, editor, CRYPTO 2003. LNCS, vol. 2729 (Springer, August 2003), pp. 265\u2013281","DOI":"10.1007\/978-3-540-45146-4_16"},{"key":"9279_CR15","doi-asserted-by":"crossref","unstructured":"D. Chaum, C. Cr\u00e9peau, I. Damg\u00e5rd, Multiparty unconditionally secure protocols (extended abstract), in 20th ACM STOC, (ACM Press, May 1988), pp. 11\u201319","DOI":"10.1145\/62212.62214"},{"key":"9279_CR16","doi-asserted-by":"crossref","unstructured":"S.G. Choi, J. Katz, A.J. Malozemoff, V. Zikas, Efficient three-party computation from cut-and-choose, in Juan A. Garay and Rosario Gennaro, editors, CRYPTO 2014, Part II. LNCS, vol. 8617 (Springer, August 2014), pp. 513\u2013530","DOI":"10.1007\/978-3-662-44381-1_29"},{"key":"9279_CR17","doi-asserted-by":"crossref","unstructured":"R. Cohen, S. Coretti, J.A. Garay, V. Zikas, Probabilistic termination and composability of cryptographic protocols, in Matthew Robshaw and Jonathan Katz, editors, CRYPTO 2016, Part III. LNCS, vol. 9816 (Springer, August 2016), pp. 240\u2013269","DOI":"10.1007\/978-3-662-53015-3_9"},{"key":"9279_CR18","unstructured":"R. Cohen, S. Coretti, J.A. Garay, V. Zikas, Round-preserving parallel composition of probabilistic-termination cryptographic protocols, in ICALP 2017. LIPIcs, vol. 80 (July 2017), pp. 37:1\u201337:15"},{"key":"9279_CR19","doi-asserted-by":"crossref","unstructured":"R. Cohen, I. Haitner, E. Omri, L. Rotem, Characterization of secure multiparty computation without broadcast, in Eyal Kushilevitz and Tal Malkin, editors, TCC 2016-A, Part I. LNCS, vol. 9562 (Springer, January 2016), pp. 596\u2013616","DOI":"10.1007\/978-3-662-49096-9_25"},{"key":"9279_CR20","doi-asserted-by":"crossref","unstructured":"R. Cohen, Y. Lindell, Fairness versus guaranteed output delivery in secure multiparty computation, in ASIACRYPT 2014, Part II. LNCS, vol. 8874 (Springer, December 2014), pp. 466\u2013485","DOI":"10.1007\/978-3-662-45608-8_25"},{"key":"9279_CR21","doi-asserted-by":"crossref","unstructured":"I. Damg\u00e5rd, Y. Ishai, Constant-round multiparty computation using a black-box pseudorandom generator, in Victor Shoup, editor, CRYPTO 2005, LNCS, vol. 3621 (Springer, August 2005), pp. 378\u2013394","DOI":"10.1007\/11535218_23"},{"key":"9279_CR22","doi-asserted-by":"crossref","unstructured":"I. Damg\u00e5rd, M. Keller, E. Larraia, V. Pastro, P. Scholl, N.P. Smart, Practical covertly secure MPC for dishonest majority - or: Breaking the SPDZ limits, in Jason Crampton, Sushil Jajodia, and Keith Mayes, editors, ESORICS 2013. LNCS, vol. 8134 (Springer, September 2013), pp. 1\u201318","DOI":"10.1007\/978-3-642-40203-6_1"},{"key":"9279_CR23","first-page":"10","volume":"2014","author":"I Damg\u00e5rd","year":"2014","unstructured":"I. Damg\u00e5rd, J.B. Nielsen, Adaptive versus static security in the UC model, in ProvSec 2014, (2014), pp. 10\u201328","journal-title":"ProvSec"},{"key":"9279_CR24","doi-asserted-by":"crossref","unstructured":"I. Damg\u00e5rd, V. Pastro, N.P. Smart, S. Zakarias, Multiparty computation from somewhat homomorphic encryption, in Reihaneh Safavi-Naini and Ran Canetti, editors, CRYPTO 2012. LNCS, vol. 7417 (Springer, August 2012), pp. 643\u2013662","DOI":"10.1007\/978-3-642-32009-5_38"},{"issue":"4","key":"9279_CR25","doi-asserted-by":"publisher","first-page":"720","DOI":"10.1145\/96559.96565","volume":"37","author":"D Dolev","year":"1990","unstructured":"D. Dolev, R. Reischuk, H.R. Strong, Early stopping in byzantine agreement. J. ACM, 37(4):720\u2013741, (1990)","journal-title":"J. ACM"},{"issue":"4","key":"9279_CR26","doi-asserted-by":"publisher","first-page":"656","DOI":"10.1137\/0212045","volume":"12","author":"D Dolev","year":"1983","unstructured":"D. Dolev, H. Raymond Strong, Authenticated algorithms for byzantine agreement. SIAM Journal on Computing, 12(4):656\u2013666, (1983)","journal-title":"SIAM Journal on Computing"},{"issue":"2","key":"9279_CR27","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1016\/j.spl.2007.05.011","volume":"78","author":"B Eisenberg","year":"2008","unstructured":"B. Eisenberg, On the expectation of the maximum of IID geometric random variables. Statistics & Probability Letters, 78(2):135\u2013143, (2008)","journal-title":"Statistics & Probability Letters"},{"issue":"4","key":"9279_CR28","doi-asserted-by":"publisher","first-page":"873","DOI":"10.1137\/S0097539790187084","volume":"26","author":"P Feldman","year":"1997","unstructured":"P. Feldman, S. Micali, An optimal probabilistic protocol for synchronous byzantine agreement. SIAM Journal on Computing, 26(4):873\u2013933, (1997)","journal-title":"SIAM Journal on Computing"},{"issue":"4","key":"9279_CR29","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1016\/0020-0190(82)90033-3","volume":"14","author":"MJ Fischer","year":"1982","unstructured":"M.J. Fischer, N.A. Lynch, A lower bound for the time to assure interactive consistency. Information Processing Letters, 14(4):183\u2013186, (1982)","journal-title":"Information Processing Letters"},{"key":"9279_CR30","doi-asserted-by":"crossref","unstructured":"M. Fitzi, J.A. Garay, Efficient player-optimal protocols for strong and differential consensus, in Elizabeth Borowsky and Sergio Rajsbaum, editors, 22nd ACM PODC, (ACM Press, July 2003), pp. 211\u2013220","DOI":"10.1145\/872035.872066"},{"key":"9279_CR31","doi-asserted-by":"crossref","unstructured":"S. Garg, C. Gentry, S. Halevi, M. Raykova, Two-round secure MPC from indistinguishability obfuscation, in Yehuda Lindell, editor, TCC 2014. LNCS, vol. 8349 (Springer, February 2014), pp. 74\u201394","DOI":"10.1007\/978-3-642-54242-8_4"},{"key":"9279_CR32","doi-asserted-by":"crossref","unstructured":"O. Goldreich, S. Micali, A. Wigderson, Proofs that yield nothing but their validity and a methodology of cryptographic protocol design (extended abstract), in 27th FOCS. (IEEE Computer Society Press, October 1986), pp. 174\u2013187","DOI":"10.1109\/SFCS.1986.47"},{"key":"9279_CR33","doi-asserted-by":"crossref","unstructured":"O. Goldreich, S. Micali, A. Wigderson, How to play any mental game or A completeness theorem for protocols with honest majority, in Alfred Aho, editor, 19th ACM STOC. (ACM Press, May 1987), pp. 218\u2013229","DOI":"10.1145\/28395.28420"},{"issue":"1","key":"9279_CR34","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1016\/0020-0190(90)90185-Z","volume":"36","author":"O Goldreich","year":"1990","unstructured":"O. Goldreich, E. Petrank, The best of both worlds: Guaranteeing termination in fast randomized byzantine agreement protocols. Information Processing Letters, 36(1):45\u201349, (1990)","journal-title":"Information Processing Letters"},{"issue":"3","key":"9279_CR35","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/s00145-005-0319-z","volume":"18","author":"S Goldwasser","year":"2005","unstructured":"S. Goldwasser, Y. Lindell, Secure multi-party computation without agreement. Journal of Cryptology, 18(3):247\u2013287, (2005)","journal-title":"Journal of Cryptology"},{"key":"9279_CR36","doi-asserted-by":"crossref","unstructured":"S.D. Gordon, F.-H. Liu, E. Shi, Constant-round MPC with fairness and guarantee of output delivery, in Rosario Gennaro and Matthew Robshaw, editors, CRYPTO 2015, Part II. LNCS, vol. 9216 (Springer, August 2015), pp. 63\u201382","DOI":"10.1007\/978-3-662-48000-7_4"},{"key":"9279_CR37","doi-asserted-by":"crossref","unstructured":"M. Hirt, V. Zikas, Adaptively secure broadcast, in Henri Gilbert, editor, EUROCRYPT 2010. LNCS, vol. 6110 (Springer, May 2010), pp. 466\u2013485","DOI":"10.1007\/978-3-642-13190-5_24"},{"key":"9279_CR38","doi-asserted-by":"crossref","unstructured":"Y. Ishai, R. Ostrovsky, V. Zikas, Secure multi-party computation with identifiable abort, in Juan A. Garay and Rosario Gennaro, editors, CRYPTO 2014, Part II. LNCS, vol. 8617 (Springer, August 2014), pp. 369\u2013386","DOI":"10.1007\/978-3-662-44381-1_21"},{"key":"9279_CR39","doi-asserted-by":"crossref","unstructured":"Y. Ishai, M. Prabhakaran, A. Sahai, Founding cryptography on oblivious transfer - efficiently, in David Wagner, editor, CRYPTO 2008. LNCS, vol. 5157 (Springer, August 2008), pp. 572\u2013591","DOI":"10.1007\/978-3-540-85174-5_32"},{"key":"9279_CR40","doi-asserted-by":"crossref","unstructured":"J. Katz, C.-Y. Koo, On expected constant-round protocols for byzantine agreement, in Cynthia Dwork, editor, CRYPTO 2006. LNCS, vol. 4117 (Springer, August 2006), pp. 445\u2013462","DOI":"10.1007\/11818175_27"},{"key":"9279_CR41","doi-asserted-by":"crossref","unstructured":"J. Katz, C.-Y. Koo, Round-efficient secure computation in point-to-point networks, in Moni Naor, editor, EUROCRYPT 2007. LNCS, vol. 4515. (Springer, May 2007), pp. 311\u2013328","DOI":"10.1007\/978-3-540-72540-4_18"},{"key":"9279_CR42","doi-asserted-by":"crossref","unstructured":"J. Katz, Y. Lindell, Handling expected polynomial-time strategies in simulation-based security proofs, in Joe Kilian, editor, TCC 2005. LNCS, vol. 3378 (Springer, February 2005), pp. 128\u2013149","DOI":"10.1007\/978-3-540-30576-7_8"},{"key":"9279_CR43","doi-asserted-by":"crossref","unstructured":"J. Katz, U. Maurer, B. Tackmann, V. Zikas, Universally composable synchronous computation, in Amit Sahai, editor, TCC 2013. LNCS, vol. 7785 (Springer, March 2013), pp. 477\u2013498","DOI":"10.1007\/978-3-642-36594-2_27"},{"key":"9279_CR44","doi-asserted-by":"crossref","unstructured":"M. Keller, P. Scholl, N.P. Smart, An architecture for practical actively secure MPC with dishonest majority, in Ahmad-Reza Sadeghi, Virgil D. Gligor, and Moti Yung, editors, ACM CCS 13. (ACM Press, November 2013), pp. 549\u2013560","DOI":"10.1145\/2508859.2516744"},{"key":"9279_CR45","doi-asserted-by":"crossref","unstructured":"J. Kilian, Founding cryptography on oblivious transfer, in 20th ACM STOC. (ACM Press, May 1988), pp. 20\u201331","DOI":"10.1145\/62212.62215"},{"key":"9279_CR46","doi-asserted-by":"crossref","unstructured":"E. Kushilevitz, Y. Lindell, T. Rabin, Information-theoretically secure protocols and security under composition, in Jon M. Kleinberg, editor, 38th ACM STOC. (ACM Press, May 2006), pp. 109\u2013118","DOI":"10.1145\/1132516.1132532"},{"issue":"3","key":"9279_CR47","doi-asserted-by":"publisher","first-page":"382","DOI":"10.1145\/357172.357176","volume":"4","author":"L Lamport","year":"1982","unstructured":"L. Lamport, R.E. Shostak, M.C. Pease, The byzantine generals problem. ACM Trans. Program. Lang. Syst., 4(3):382\u2013401, (1982)","journal-title":"ACM Trans. Program. Lang. Syst."},{"key":"9279_CR48","doi-asserted-by":"crossref","unstructured":"Y. Lindell, A. Lysyanskaya, T. Rabin, On the composition of authenticated byzantine agreement, in 34th ACM STOC. (ACM Press, May 2002), pp. 514\u2013523","DOI":"10.1145\/509907.509982"},{"key":"9279_CR49","doi-asserted-by":"crossref","unstructured":"Y. Lindell, A. Lysyanskaya, T. Rabin, Sequential composition of protocols without simultaneous termination, in Aleta Ricciardi, editor, 21st ACM PODC. (ACM Press, July 2002), pp. 203\u2013212","DOI":"10.1145\/571825.571859"},{"key":"9279_CR50","doi-asserted-by":"crossref","unstructured":"Y. Lindell, B. Pinkas, N.P. Smart, A. Yanai, Efficient constant round multi-party computation combining BMR and SPDZ, in Rosario Gennaro and Matthew Robshaw, editors, CRYPTO 2015, Part II. LNCS, vol. 9216 (Springer, August 2015), pp. 319\u2013338","DOI":"10.1007\/978-3-662-48000-7_16"},{"key":"9279_CR51","doi-asserted-by":"crossref","unstructured":"P. Mukherjee, D. Wichs, Two round multiparty computation via multi-key FHE, in Marc Fischlin and Jean-S\u00e9bastien Coron, editors, EUROCRYPT 2016, LNCS, vol. 9666 (Springer, May 2016), pp. 735\u2013763","DOI":"10.1007\/978-3-662-49896-5_26"},{"issue":"2","key":"9279_CR52","doi-asserted-by":"publisher","first-page":"228","DOI":"10.1145\/322186.322188","volume":"27","author":"MC Pease","year":"1980","unstructured":"M.C. Pease, R.E. Shostak, L. Lamport, Reaching agreement in the presence of faults. Journal of the ACM, 27(2):228\u2013234, (1980)","journal-title":"Journal of the ACM"},{"key":"9279_CR53","doi-asserted-by":"crossref","unstructured":"M.O. Rabin, Randomized byzantine generals, in 24th Annual Symposium on Foundations of Computer Science, Tucson, Arizona, USA, 7\u20139 November 1983. (IEEE Computer Society, 1983), pp. 403\u2013409","DOI":"10.1109\/SFCS.1983.48"},{"key":"9279_CR54","doi-asserted-by":"crossref","unstructured":"T. Rabin, M. Ben-Or, Verifiable secret sharing and multiparty protocols with honest majority (extended abstract), in 21st ACM STOC. (ACM Press, May 1989), pp. 73\u201385","DOI":"10.1145\/73007.73014"},{"issue":"2","key":"9279_CR55","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1016\/0020-0190(84)90027-9","volume":"18","author":"R Turpin","year":"1984","unstructured":"R. Turpin, B.A. Coan, Extending binary byzantine agreement to multivalued byzantine agreement. Information Processing Letters, 18(2):73\u201376, (1984)","journal-title":"Information Processing Letters"},{"key":"9279_CR56","unstructured":"A.C.-C. Yao, Protocols for secure computations (extended abstract), in 23rd FOCS. (IEEE Computer Society Press, November 1982), pp. 160\u2013164."}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-018-9279-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9279-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9279-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,8]],"date-time":"2020-04-08T08:13:57Z","timestamp":1586333637000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-018-9279-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,2,12]]},"references-count":56,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2019,7]]}},"alternative-id":["9279"],"URL":"https:\/\/doi.org\/10.1007\/s00145-018-9279-y","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,2,12]]},"assertion":[{"value":"26 June 2016","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 January 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 February 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}