ASIACRYPT 2017: Advances in Cryptology – ASIACRYPT 2017 pp 126-155 | Cite as
The Minimum Number of Cards in Practical Card-Based Protocols
Abstract
The elegant “five-card trick” of den Boer (EUROCRYPT 1989) allows two players to securely compute a logical AND of two private bits, using five playing cards of symbols \(\heartsuit \) and \(\clubsuit \). Since then, card-based protocols have been successfully put to use in classroom environments, vividly illustrating secure multiparty computation – and evoked research on the minimum number of cards needed for several functionalities.
Securely computing arbitrary circuits needs protocols for negation, AND and bit copy in committed-format, where outputs are commitments again. Negation just swaps the bit’s cards, computing AND and copying a bit \(n\) times can be done with six and \(2n+2\) cards, respectively, using the simple protocols of Mizuki and Sone (FAW 2009).
Koch et al. (ASIACRYPT 2015) showed that five cards suffice for computing AND in finite runtime, albeit using relatively complex and unpractical shuffle operations. In this paper, we show that if we restrict shuffling to closed permutation sets, the six-card protocol is optimal in the finite-runtime setting. If we additionally assume a uniform distribution on the permutations in a shuffle, we show that restart-free four-card AND protocols are impossible. These shuffles are easy to perform even in an actively secure manner (Koch and Walzer, ePrint 2017).
For copying bit commitments, the protocol of Nishimura et al. (ePrint 2017) needs only \(2n+1\) cards, but performs a number of complex shuffling steps that is only finite in expectation. We show that it is impossible to go with less cards. If we require an a priori bound on the runtime, we show that the \((2n+2)\)-card protocol is card-minimal.
Keywords
Card-based protocols Committed format Boolean AND COPY Secure computation Cryptography without computersNotes
Acknowledgments
We would like to thank our reviewers for their valuable comments. This work was supported by JSPS KAKENHI Grant Number 17K00001.
References
- [CHL13]Cheung, E., Hawthorne, C., Lee, P.: CS 758 Project: Secure Computation with Playing Cards (2013). https://csclub.uwaterloo.ca/~cdchawth/files/papers/secure_laying_cards.pdf
- [CK93]Crépeau, C., Kilian, J.: Discreet solitary games. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 319–330. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_27 Google Scholar
- [dBoe89]den Boer, B.: More efficient match-making and satisfiability The Five Card Trick. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 208–217. Springer, Heidelberg (1990). https://doi.org/10.1007/3-540-46885-4_23 Google Scholar
- [DM96]Dixon, J.D., Mortimer, B.: Permutation Groups. Graduate Texts in Mathematics, vol. 163. Springer, New York (1996). https://doi.org/10.1007/978-1-4612-0731-3 MATHGoogle Scholar
- [FAN+16]Francis, D., Aljunid, S.R., Nishida, T., Hayashi, Y., Mizuki, T., Sone, H.: Necessary and sufficient numbers of cards for securely computing two-bit output functions. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 193–211. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61273-7_10 CrossRefGoogle Scholar
- [KW17]Koch, A., Walzer, S.: Foundations for actively secure card-based cryptography. Cryptology ePrint Archive, Report 2017/423 (2017). https://eprint.iacr.org/2017/423
- [KWH15]Koch, A., Walzer, S., Härtel, K.: Card-based cryptographic protocols using a minimal number of cards. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 783–807. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_32 CrossRefGoogle Scholar
- [Miz16]Mizuki, T.: Card-based protocols for securely computing the conjunction of multiple variables. Theoret. Comput. Sci. 622, 34–44 (2016). https://doi.org/10.1016/j.tcs.2016.01.039 MathSciNetCrossRefMATHGoogle Scholar
- [MKS12]Mizuki, T., Kumamoto, M., Sone, H.: The five-card trick can be done with four cards. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 598–606. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_36 CrossRefGoogle Scholar
- [MS09]Mizuki, T., Sone, H.: Six-card secure AND and four-card secure XOR. In: Deng, X., Hopcroft, J.E., Xue, J. (eds.) FAW 2009. LNCS, vol. 5598, pp. 358–369. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02270-8_36 CrossRefGoogle Scholar
- [MS14]Mizuki, T., Shizuya, H.: A formalization of card-based cryptographic protocols via abstract machine. Int. J. Inf. Secur. 13(1), 15–23 (2014). https://doi.org/10.1007/s10207-013-0219-4 CrossRefGoogle Scholar
- [MS17]Mizuki, T., Shizuya, H.: Computational model of card-based cryptographic protocols and its applications. In: IEICE Transactions, vol. 100-A.1, pp. 3–11 (2017). http://search.ieice.org/bin/summary.php?id=e100-a_1_3
- [MWS15]Marcedone, A., Wen, Z., Shi, E.: Secure dating with four or fewer cards. Cryptology ePrint Archive, Report 2015/1031 (2015)Google Scholar
- [NHMS16]Nishimura, A., Hayashi, Y.-I., Mizuki, T., Sone, H.: An implementation of non-uniform shuffle for secure multi-party computation. In: Workshop on ASIA Public-Key Cryptography, Proceedings. AsiaPKC 2016, pp. 49–55. ACM, New York (2016). https://doi.org/10.1145/2898420.2898425
- [NNH+15]Nishimura, A., Nishida, T., Hayashi, Y., Mizuki, T., Sone, H.: Five-card secure computations using unequal division shuffle. In: Dediu, A.-H., Magdalena, L., Martín-Vide, C. (eds.) TPNC 2015. LNCS, vol. 9477, pp. 109–120. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26841-5_9 CrossRefGoogle Scholar
- [NNH+17]Nishimura, A., Nishida, T., Hayashi, Y., Mizuki, T., Sone, H.: Card-based protocols using unequal division shuffles. Soft Computing (to appear). https://doi.org/10.1007/s00500-017-2858-2