Multi-party Computation Based on Physical Coins
In the history of cryptography, many cryptographic protocols rely on random coin tosses to discuss their provable security. Although flipping coins is indispensable in this manner, the coins themselves have never been in the spotlight. Therefore, we would like to make physical coins go up to the stage of cryptography, as a deck of physical playing cards has been used to perform a secure multi-party computation. Such a card-based protocol is helpful both to perform a secure computation without any black-box computers and to understand the principles of secure protocols. In this paper, we propose a new framework of secure multi-party computation using physical coins, named a coin-based protocol. Whereas a face-down card can conceal the information about its face side, one side of a coin leaks the information of its other side. Hence, more careful design is required for a secure coin-based protocol than the card-based one. We introduce a computational model of the coin-based protocol and explicitly give protocols for NOT, AND, and copy computations. We also discuss how to implement the protocols in practice.
KeywordsMulti-party computation Card-based protocol Physical coin
This work was supported by JSPS KAKENHI Grant Number JP17K00001. We would like to thank the anonymous reviewers for their fruitful comments.
- 8.Marcedone, A., Wen, Z., Shi, E.: Secure dating with four or fewer cards. Cryptology ePrint Archive, Report 2015/1031 (2015)Google Scholar
- 9.Goldwasser, S.: Multi-party computations: past and present. In: Burns, J.E., Attiya, H. (eds.) Proceedings of the Sixteenth Annual ACM Symposium on Principles of Distributed Computing, pp. 1–6. ACM (1997)Google Scholar