Categorical Composable Cryptography


We formalize the simulation paradigm of cryptography in terms of category theory and show that protocols secure against abstract attacks form a symmetric monoidal category (≈ can be composed sequentially and in parallel). This gives an abstract model of composable security definitions in cryptography that is not tied to any particular machine model. Our model is able to incorporate computational security, set-up assumptions and various attack models such as colluding or independently acting subsets of adversaries in a modular, flexible fashion. We conclude by using string diagrams to rederive the security of the one-time pad and no-go results concerning the limits of bipartite and tripartite cryptography, ruling out e.g., composable commitments and broadcasting.

The talk is based on joint work with Anne Broadbent, and corresponding text is available at and

Mar 13, 2023 3:15 PM — 4:15 PM

Martti Karvonen is a postdoc at the University of Ottawa. His research interests include category theory and its applications to fields such as cryptography and quantum computing.