Advertisement

Journal of Cryptology

, Volume 13, Issue 1, pp 107–142 | Cite as

Randomness versus Fault-Tolerance

  • Ran Canetti
  • Eyal Kushilevitz
  • Rafail Ostrovsky
  • Adi Rosén
Article

Abstract.

We investigate the relations between two major properties of multiparty protocols: fault tolerance (or resilience ) and randomness . Fault-tolerance is measured in terms of the maximum number of colluding faulty parties, t , that a protocol can withstand and still maintain the privacy of the inputs and the correctness of the outputs (of the honest parties). Randomness is measured in terms of the total number of random bits needed by the parties in order to execute the protocol.

Previously, the upper bound on the amount of randomness required by general constructions for securely computing any nontrivial function f was polynomial both in n , the total number of parties, and the circuit-size C(f) . This was the state of knowledge even for the special case t=1 (i.e., when there is at most one faulty party). In this paper we show that for any linear-size circuit, and for any number t < n/3 of faulty

Key words. Secure multiparty protocols, Randomness, Limited independence, Composition of protocols. 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© International Association for Cryptologic Research 2000

Authors and Affiliations

  • Ran Canetti
    • 1
  • Eyal Kushilevitz
    • 2
  • Rafail Ostrovsky
    • 3
  • Adi Rosén
    • 4
  1. 1.IBM T. J. Watson Research CenterHawthorneU.S.A.
  2. 2.Department of Computer ScienceTechnionHaifaIsrael
  3. 3.Bell Communications Research, MCC-1C365BMorristownU.S.A.
  4. 4.Department of Computer ScienceUniversity of TorontoTorontoCanada

Personalised recommendations