Ad Hoc PSM Protocols: Secure Computation Without Coordination

  • Amos BeimelEmail author
  • Yuval Ishai
  • Eyal Kushilevitz
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10212)


We study the notion of ad hoc secure computation, recently introduced by Beimel et al. (ITCS 2016), in the context of the Private Simultaneous Messages (PSM) model of Feige et al. (STOC 2004). In ad hoc secure computation we have n parties that may potentially participate in a protocol but, at the actual time of execution, only k of them, whose identity is not known in advance, actually participate. This situation is particularly challenging in the PSM setting, where protocols are non-interactive (a single message from each participating party to a special output party) and where the parties rely on pre-distributed, correlated randomness (that in the ad-hoc setting will have to take into account all possible sets of participants).

We present several different constructions of ad hoc PSM protocols from standard PSM protocols. These constructions imply, in particular, that efficient information-theoretic ad hoc PSM protocols exist for NC\(^1\) and different classes of log-space computation, and efficient computationally-secure ad hoc PSM protocols for polynomial-time computable functions can be based on a one-way function. As an application, we obtain an information-theoretic implementation of order-revealing encryption whose security holds for two messages.

We also consider the case where the actual number of participating parties t may be larger than the minimal k for which the protocol is designed to work. In this case, it is unavoidable that the output party learns the output corresponding to each subset of k out of the t participants. Therefore, a “best possible security” notion, requiring that this will be the only information that the output party learns, is needed. We present connections between this notion and the previously studied notion of t-robust PSM (also known as “non-interactive MPC”). We show that constructions in this setting for even simple functions (like AND or threshold) can be translated into non-trivial instances of program obfuscation (such as point function obfuscation and fuzzy point function obfuscation, respectively). We view these results as a negative indication that protocols with “best possible security” are impossible to realize efficiently in the information-theoretic setting or require strong assumptions in the computational setting.


Security Requirement Secure Protocol Secure Computation Secret Sharing Scheme Computational Setting 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



We thank David Cash and David Wu for helpful discussions about Order Revealing Encryption.

The first author was supported by ISF grant 544/13 and by a grant from the BGU Cyber Security Research Center. The second and third authors were partially supported by ISF grant 1709/14, BSF grant 2012378, and NSF-BSF grant 2015782. Research of the second author was additionally supported from a DARPA/ARL SAFEWARE award, NSF Frontier Award 1413955, NSF grants 1619348, 1228984, 1136174, and 1065276, a Xerox Faculty Research Award, a Google Faculty Research Award, an equipment grant from Intel, and an Okawa Foundation Research Grant. This material is based upon work supported by the Defense Advanced Research Projects Agency through the ARL under Contract W911NF-15-C-0205. The views expressed are those of the authors and do not reflect the official policy or position of the Department of Defense, the National Science Foundation, or the U.S. Government.


  1. 1.
    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563–574 (2004)Google Scholar
  2. 2.
    Applebaum, B., Raykov, P.: From private simultaneous messages to zero-information Arthur-Merlin protocols and back. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 65–82. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49099-0_3 CrossRefGoogle Scholar
  3. 3.
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. J. ACM 59(2), 6 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Beimel, A., Gabizon, A., Ishai, Y., Kushilevitz, E.: Distribution design. In: Sudan, M. (ed.) Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science, pp. 81–92. ACM, New York (2016)CrossRefGoogle Scholar
  5. 5.
    Beimel, A., Gabizon, A., Ishai, Y., Kushilevitz, E., Meldgaard, S., Paskin-Cherniavsky, A.: Non-interactive secure multiparty computation. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 387–404. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-44381-1_22 CrossRefGoogle Scholar
  6. 6.
    Bellare, M., Stepanovs, I.: Point-function obfuscation: a framework and generic constructions. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 565–594. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49099-0_21 CrossRefGoogle Scholar
  7. 7.
    Bitansky, N., Canetti, R., Kalai, Y.T., Paneth, O.: On virtual grey box obfuscation for general circuits. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 108–125. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-44381-1_7 CrossRefGoogle Scholar
  8. 8.
    Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-01001-9_13 CrossRefGoogle Scholar
  9. 9.
    Boldyreva, A., Chenette, N., Lee, Y., O’neill, A.: Order-preserving symmetric encryption. Technical report 2012/624, IACR Cryptology ePrint Archive (2012).
  10. 10.
    Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 578–595. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22792-9_33 CrossRefGoogle Scholar
  11. 11.
    Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. Technical report 2012/625, IACR Cryptology ePrint Archive (2012).
  12. 12.
    Boneh, D., Lewi, K., Raykova, M., Sahai, A., Zhandry, M., Zimmerman, J.: Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 563–594. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46803-6_19 Google Scholar
  13. 13.
    Brakerski, Z., Komargodski, I., Segev, G.: Multi-input functional encryption in the private-key setting: stronger security from weaker assumptions. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 852–880. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49896-5_30 CrossRefGoogle Scholar
  14. 14.
    Feige, U., Kilian, J., Naor, M.: A minimal model for secure computation. In: Proceedings of the 26th ACM Symposium on the Theory of Computing, pp. 554–563 (1994)Google Scholar
  15. 15.
    Goldwasser, S., Gordon, S.D., Goyal, V., Jain, A., Katz, J., Liu, F.-H., Sahai, A., Shi, E., Zhou, H.-S.: Multi-input functional encryption. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 578–602. Springer, Heidelberg (2014). doi: 10.1007/978-3-642-55220-5_32 CrossRefGoogle Scholar
  16. 16.
    Goldwasser, S., Rothblum, G.N.: On best-possible obfuscation. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 194–213. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-70936-7_11 CrossRefGoogle Scholar
  17. 17.
    Ishai, Y., Kushilevitz, E.: Private simultaneous messages protocols with applications. In: 5th Israel Symposium on Theory of Computing and Systems, pp. 174–183 (1997)Google Scholar
  18. 18.
    Ishai, Y., Kushilevitz, E., Paskin, A.: Secure multiparty computation with minimal interaction. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 577–594. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-14623-7_31 CrossRefGoogle Scholar
  19. 19.
    Lynn, B., Prabhakaran, M., Sahai, A.: Positive results and techniques for obfuscation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 20–39. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-24676-3_2 CrossRefGoogle Scholar
  20. 20.
    Yao, A.C.: How to generate and exchange secrets. In: Proceedings of the 27th IEEE Symposium on Foundations of Computer Science, pp. 162–167 (1986)Google Scholar

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  1. 1.Department of Computer ScienceBen Gurion UniversityBeer ShevaIsrael
  2. 2.Department of Computer ScienceTechnionHaifaIsrael
  3. 3.Department of Computer ScienceUCLALos AngelesUSA

Personalised recommendations