Complexity of Multi-party Computation Problems: The Case of 2-Party Symmetric Secure Function Evaluation

  • Hemanta K. Maji
  • Manoj Prabhakaran
  • Mike Rosulek
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5444)


In symmetric secure function evaluation (SSFE), Alice has an input x, Bob has an input y, and both parties wish to securely compute f(x,y). We show several new results classifying the feasibility of securely implementing these functions in several security settings. Namely, we give new alternate characterizations of the functions that have (statistically) secure protocols against passive and active (standalone), computationally unbounded adversaries. We also show a strict, infinite hierarchy of complexity for SSFE functions with respect to universally composable security against unbounded adversaries. That is, there exists a sequence of functions f1, f2, ... such that there exists a UC-secure protocol for fi in the fj-hybrid world if and only if i ≤ j.

The main new technical tool that unifies our unrealizability results is a powerful protocol simulation theorem, which may be of independent interest. Essentially, in any adversarial setting (UC, standalone, or passive), f is securely realizable if and only if a very simple (deterministic) “canonical” protocol for f achieves the desired security. Thus, to show that f is unrealizable, one need simply demonstrate a single attack on a single simple protocol.


  1. 1.
    Backes, M., Müller-Quade, J., Unruh, D.: On the necessity of rewinding in secure multiparty computation. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 157–173. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  2. 2.
    Beaver, D.: Perfect privacy for two-party protocols. In: Feigenbaum, J., Merritt, M. (eds.) Proceedings of DIMACS Workshop on Distributed Computing and Cryptography, vol. 2, pp. 65–77. American Mathematical Society (1989)Google Scholar
  3. 3.
    Beimel, A., Malkin, T., Micali, S.: The all-or-nothing nature of two-party secure computation. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 80–97. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  4. 4.
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. Electronic Colloquium on Computational Complexity (ECCC) TR01-016 (2001); Extended abstract in FOCS 2001Google Scholar
  5. 5.
    Canetti, R., Kushilevitz, E., Lindell, Y.: On the limitations of universally composable two-party computation without set-up assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)Google Scholar
  6. 6.
    Chor, B., Kushilevitz, E.: A zero-one law for boolean privacy (extended abstract). In: STOC, pp. 62–72. ACM, New York (1989)Google Scholar
  7. 7.
    Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. J. ACM 38(3), 691–729 (1991); Preliminary version in FOCS 1986MathSciNetMATHGoogle Scholar
  8. 8.
    Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: STOC, pp. 44–61. ACM Press, New York (1989)Google Scholar
  9. 9.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer - efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  10. 10.
    Kilian, J.: Founding cryptography on oblivious transfer. In: STOC, pp. 20–31. ACM, New York (1988)Google Scholar
  11. 11.
    Kilian, J.: Uses of Randomness in Algorithms and Protocols. PhD thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology (1989)Google Scholar
  12. 12.
    Kilian, J.: A general completeness theorem for two-party games. In: STOC, pp. 553–560. ACM, New York (1991)Google Scholar
  13. 13.
    Kilian, J.: More general completeness theorems for secure two-party computation. In: Proc. 32nd STOC, pp. 316–324. ACM, New York (2000)Google Scholar
  14. 14.
    Kilian, J., Kushilevitz, E., Micali, S., Ostrovsky, R.: Reducibility and completeness in private computations. SIAM J. Comput. 29(4), 1189–1208 (2000)MathSciNetCrossRefMATHGoogle Scholar
  15. 15.
    Kraschewski, D., Müller-Quade, J.: Completeness theorems with constructive proofs for symmetric, asymmetric and general 2-party-functions (unpublished manuscript, 2008)Google Scholar
  16. 16.
    Künzler, R., Müller-Quade, J., Raub, D.: Secure computability of functions in the it setting with dishonest majority and applications to long-term security (in these proceedings)Google Scholar
  17. 17.
    Kushilevitz, E.: Privacy and communication complexity. In: FOCS, pp. 416–421. IEEE, Los Alamitos (1989)Google Scholar
  18. 18.
    Lindell, Y.: Lower bounds for concurrent self composition. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 203–222. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Maji, H., Prabhakaran, M., Rosulek, M.: Complexity of multiparty computation problems: The case of 2-party symmetric secure function evaluation. Cryptology ePrint Archive, Report 2008/454 (2008),
  20. 20.
    Prabhakaran, M., Rosulek, M.: Cryptographic complexity of multi-party computation problems: Classifications and separations. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 262–279. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  21. 21.
    Yao, A.C.: Protocols for secure computation. In: Proc. 23rd FOCS, pp. 160–164. IEEE, Los Alamitos (1982)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Hemanta K. Maji
    • 1
  • Manoj Prabhakaran
    • 1
  • Mike Rosulek
    • 1
  1. 1.Department of Computer ScienceUniversity of Illinois, Urbana-ChampaignUSA

Personalised recommendations