Categorical composable cryptography: extended version
Anne Broadbent, Martti Karvonen

TL;DR
This paper introduces a categorical framework for cryptography in which protocols secure against abstract attacks form a symmetric monoidal category, giving a modular and abstract account of composable security that covers various attack models and resource theories.
Contribution
It formalizes cryptographic security within category theory, providing a flexible, modular model that incorporates computational security, setup assumptions, and attack models, with applications to classical cryptographic protocols.
Findings
Re-derivation of one-time pad security using string diagrams
Proof of the correctness of Diffie-Hellman key exchange
No-go results for certain cryptographic primitives like commitments and broadcasting
Abstract
We formalize the simulation paradigm of cryptography in terms of category theory and show that protocols secure against abstract attacks form a symmetric monoidal category, thus giving an abstract model of composable security definitions in cryptography. Our model is able to incorporate computational security, set-up assumptions and various attack models such as colluding or independently acting subsets of adversaries in a modular, flexible fashion. We conclude by using string diagrams to rederive the security of the one-time pad, correctness of Diffie-Hellman key exchange and no-go results concerning the limits of bipartite and tripartite cryptography, ruling out e.g., composable commitments and broadcasting. On the way, we exhibit two categorical constructions of resource theories that might be of independent interest: one capturing resources shared among multiple parties and one…
Taxonomy
Topics: Cryptographic Implementations and Security · Cryptography and Data Security · Advanced Authentication Protocols Security
