Robust Multiparty Computation with Linear Communication Complexity

  • Martin Hirt
  • Jesper Buus Nielsen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4117)


We present a robust multiparty computation protocol. The protocol is for the cryptographic model with open channels and a poly-time adversary, and allows n parties to actively securely evaluate any poly-sized circuit with resilience t < n/2. The total communication complexity in bits over the point-to-point channels is \({\mathcal{O}}(S n \kappa + n {\mathcal{BC}})\), where S is the size of the circuit being securely evaluated, κ is the security parameter and \({\mathcal{BC}}\) is the communication complexity of one broadcast of a κ-bit value. This means the average number of bits sent and received by a single party is \({\mathcal{O}}(S \kappa + {\mathcal{BC}})\), which is almost independent of the number of participating parties. This is the first robust multiparty computation protocol with this property.


Keywords: Proof System; Output Gate; Active Party; Honest Party; Corrupted Party



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Martin Hirt (1)
  • Jesper Buus Nielsen (2)
  1. ETH Zurich, Switzerland
  2. University of Aarhus, Denmark
