Universally Composable Multi-party Computation with an Unreliable Common Reference String

  • Vipul Goyal
  • Jonathan Katz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4948)


Universally composable (UC) multi-party computation has been studied in two settings. When a majority of parties are honest, UC multi-party computation is possible without any assumptions. Without a majority of honest parties, UC multi-party computation is impossible in the plain model, but feasibility results have been obtained in various augmented models. The most popular such model posits a common reference string (CRS) available to parties executing the protocol.

In either of the above settings, some assumption regarding the protocol execution is made: i.e., that many parties are honest in the first case, or that a legitimately-chosen string is available in the second. If this assumption is incorrect then all security is lost.

A natural question is whether it is possible to design protocols secure if either one of these assumptions holds, i.e., a protocol which is secure if either at most s players are dishonest or if up to t > s players are dishonest but the CRS is chosen in the prescribed manner. We show that such protocols exist if and only if s + t < n.


Ideal Functionality Impossibility Result Honest Party Secure Multiparty Computation Common Reference String 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Barak, B., Canetti, R., Nielsen, J.B., Pass, R.: Universally composable protocols with relaxed set-up assumptions. In: 45th Annual Symposium on Foundations of Computer Science (FOCS), pp. 186–195. IEEE, Los Alamitos (2004)CrossRefGoogle Scholar
  2. 2.
    Barak, B., Sahai, A.: How to play almost any mental game over the net — concurrent composition using super-polynomial simulation. In: 46th Annual Symposium on Foundations of Computer Science (FOCS), IEEE, Los Alamitos (2005)Google Scholar
  3. 3.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: 20th Annual ACM Symposium on Theory of Computing (STOC), pp. 1–10. ACM, New York (1988)Google Scholar
  4. 4.
    Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications. In: 20th Annual ACM Symposium on Theory of Computing (STOC), pp. 32–42. ACM, New York (1988)Google Scholar
  5. 5.
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: 42nd Annual Symposium on Foundations of Computer Science (FOCS), pp. 136–147. IEEE, Los Alamitos (2001) Preliminary full version available as Cryptology ePrint Archive Report 2000/067Google Scholar
  6. 6.
    Canetti, R., Dodis, Y., Pass, R., Walfish, S.: Universally composable security with global setup. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 61–85. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  7. 7.
    Canetti, R., Fischlin, M.: Universally composable commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19–40. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Canetti, R., Kushilevitz, E., Lindell, Y.: On the limitations of universally composable two-party computation without set-up assumptions. J. Cryptology 19(2), 135–167 (2006)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: 34th Annual ACM Symposium on Theory of Computing (STOC), pp. 494–503 (2002)Google Scholar
  10. 10.
    Goldwasser, S., Lindell, Y.: Secure multi-party computation without agreement. J. Cryptology 18(3), 247–287 (2005)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Groth, J., Ostrovsky, R.: Cryptography in the multi-string model. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 323–341. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Hofheinz, D., Müller-Quade, J., Unruh, D.: Universally composable zero-knowledge arguments and commitments from signature cards. In: Proc. 5th Central European Conference on Cryptology (2005)Google Scholar
  13. 13.
    Ishai, Y., Kushilevitz, E., Lindell, Y., Petrank, E.: On combining privacy with guaranteed output delivery in secure multiparty computation. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 483–500. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Katz, J.: On achieving the best of both worlds in secure multiparty computation. In: 39th Annual ACM Symposium on Theory of Computing (STOC), pp. 11–20. ACM, New York (2007)Google Scholar
  15. 15.
    Katz, J.: Universally composable multi-party computation using tamper-proof hardware. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 115–128. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. 16.
    Prabhakaran, M., Sahai, A.: New notions of security: Achieving universal composability without trusted setup. In: 36th Annual ACM Symposium on Theory of Computing (STOC), pp. 242–251 (2004)Google Scholar
  17. 17.
    Rabin, T., Ben-Or, M.: Verifiable secret sharing and multi-party protocols with honest majority. In: 21st Annual ACM Symposium on Theory of Computing (STOC), pp. 73–85. ACM, New York (1989)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Vipul Goyal
    • 1
  • Jonathan Katz
    • 2
  1. 1.Department of Computer ScienceUCLA 
  2. 2.Department of Computer ScienceUniversity of Maryland 

Personalised recommendations