The Resiliency of MPC with Low Interaction: The Benefit of Making Errors (Extended Abstract)

Part of the Lecture Notes in Computer Science book series (LNSC, volume 12551)

Abstract

We study information-theoretic secure multiparty protocols that achieve full security, including guaranteed output delivery, in the presence of an active adversary that corrupts a constant fraction of the parties. It is known that 2 rounds are insufficient for such protocols even when the adversary corrupts only two parties (Gennaro, Ishai, Kushilevitz, and Rabin; Crypto 2002), and that perfect protocols can be implemented in 3 rounds as long as the adversary corrupts less than a quarter of the parties (Applebaum, Brakerski, and Tsabary; Eurocrypt 2019). Furthermore, it was recently shown that the quarter threshold is tight for any 3-round perfectly-secure protocol (Applebaum, Kachlon, and Patra; FOCS 2020). Nevertheless, one may still hope to achieve a better-than-quarter threshold at the expense of allowing some negligible correctness errors and/or statistical deviations in the security.

Our main results show that this is indeed the case. Every function can be computed by 3-round protocols with statistical security as long as the adversary corrupts less than a third of the parties. Moreover, we show that any better resiliency threshold requires 4 rounds. Our protocol is computationally inefficient and has an exponential dependency in the circuit’s depth d and in the number of parties n. We show that this overhead can be avoided by relaxing security to computational, assuming the existence of a non-interactive commitment (NICOM). Previous 3-round computational protocols were based on stronger public-key assumptions. When instantiated with a statistically-hiding NICOM, our protocol provides everlasting statistical security, i.e., it is secure against adversaries that are computationally unlimited after the protocol execution.

To prove these results, we introduce a new hybrid model that allows for 2-round protocols with linear resiliency threshold. Here too we prove that, for perfect protocols, the best achievable resiliency is n/4, whereas statistical protocols can achieve a threshold of n/3. In the plain model, we also construct the first 2-round n/3-statistical verifiable secret sharing that supports second-level sharing and prove a matching lower-bound, extending the results of Patra, Choudhary, Rabin, and Rangan (Crypto 2009). Overall, our results refine the differences between statistical and perfect models of security, and show that there are efficiency gaps even for thresholds that are realizable in both models.

Keywords

  • Information-theoretic cryptography
  • Cryptographic protocols
  • Secure computation
  • Round complexity

The full version of this paper can be found in [7]. The first two authors are supported by the European Union’s Horizon 2020 Programme (ERC-StG-2014–2020) under grant agreement no. 639813 ERC-CLC, and the Check Point Institute for Information Security. Arpita Patra would like to acknowledge financial support from SERB MATRICS (Theoretical Sciences) Grant 2020 and Google India AI/ML Research Award 2020.


Notes

  1.

    The above description ignores some technical details such as output randomization which can be easily applied in the \(\mathcal {F}_{\mathsf {poly}}\)-SIFR model; see for example [5].

  2.

    Formally, this means that, in addition to standard statistical security, the output distribution of the simulator \(\mathcal {S}\) in the ideal world and the output distribution of the adversary \(\mathcal {A} \) in the real world are identically distributed. This additional property (which is common to all our positive results) does not seem to be very useful as a feature, but it indicates more accurately what is needed in order to bypass the lower-bounds in the perfect setting.

  3.

    As usual in such settings, the exponential dependency in the depth can be replaced by an exponential dependency in the (non-deterministic) branching-program complexity of f.

  4.

    The positive result can now be obtained by combining the simple 2-round VSS-hybrid protocol for quadratic functions (Theorem 1) with the 2-round perfect-VSS of [32] and with the completeness of degree-2 arithmetic functionalities [8]. The original proof from [5] was significantly more complicated since it relied on a weaker degree-2 completeness result that was applicable only over the binary field.

  5.

    The impossibility of three-round plain-model perfect protocols with resiliency \(t\ge \left\lfloor (n-1)/4 \right\rfloor +1\) seems to be incomparable to the impossibility of two-round perfect SIFR-model protocols (Theorem 1). One could deduce the latter result from the former with the aid of two-round protocols for single-input functionalities with perfect resiliency of \(t\ge \left\lfloor (n-1)/4 \right\rfloor +1\). However, such protocols do not exist even for the special case of the VSS functionality [32].

  6.

    We thank Yuval Ishai for pointing this out.

References

  1. Agrawal, S.: Verifiable secret sharing in a total of three rounds. Inf. Process. Lett. 112(22), 856–859 (2012). https://doi.org/10.1016/j.ipl.2012.08.003

  2. Ananth, P., Choudhuri, A.R., Goel, A., Jain, A.: Round-optimal secure multiparty computation with honest majority. In: Advances in Cryptology - CRYPTO 2018–38th Annual International Cryptology Conference Proceedings, Part II. pp. 395–424, Santa Barbara, CA, USA, August 19–23 (2018)

  3. Ananth, P., Choudhuri, A.R., Goel, A., Jain, A.: Two round information-theoretic MPC with malicious security. In: Advances in Cryptology - EUROCRYPT 2019, 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques Proceedings, Part II, pp. 532–561, Darmstadt, Germany, May 19–23 (2019)

  4. Applebaum, B., Brakerski, Z., Tsabary, R.: Perfect secure computation in two rounds. In: Theory of Cryptography - 16th International Conference Proceedings, Part I. TCC 2018, pp. 152–174, Panaji, India, November 11–14 (2018)

  5. Applebaum, B., Brakerski, Z., Tsabary, R.: Degree 2 is complete for the round-complexity of malicious MPC. In: Advances in Cryptology - EUROCRYPT 2019, 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques Proceedings, Part II, pp. 504–531, Darmstadt, Germany, May 19–23 (2019)

  6. Applebaum, B., Ishai, Y., Kushilevitz, E.: Cryptography in NC\(^0\). SIAM J. Comput. 36(4), 845–888 (2006)

  7. Applebaum, B., Kachlon, E., Patra, A.: The resiliency of MPC with low interaction: the benefit of making errors (2020)

  8. Applebaum, B., Kachlon, E., Patra, A.: The round complexity of perfect MPC with active security and optimal resiliency. In: Proceedings of 61st FOCS (2020). https://eprint.iacr.org/2020/581

  9. Asharov, G., Lindell, Y.: A full proof of the BGW protocol for perfectly secure multiparty computation. J. Cryptol. 30(1), 58–151 (2017)

  10. Backes, M., Kate, A., Patra, A.: Computational verifiable secret sharing revisited. In: Advances in Cryptology - ASIACRYPT 2011–17th International Conference on the Theory and Application of Cryptology and Information Security Proceedings. pp. 590–609, Seoul, South Korea, December 4–8 (2011)

  11. Badrinarayanan, S., Jain, A., Manohar, N., Sahai, A.: Secure MPC: laziness leads to GOD. IACR Cryptology ePrint Archive 2018, 580 (2018). https://eprint.iacr.org/2018/580

  12. Bar-Ilan, J., Beaver, D.: Non-cryptographic fault-tolerant computing in constant number of rounds of interaction. In: Proceedings of the Eighth Annual ACM Symposium on Principles of Distributed Computing, pp. 201–209, Edmonton, Alberta, Canada, August 14–16 (1989)

  13. Barak, B., Ong, S.J., Vadhan, S.P.: Derandomization in cryptography. SIAM J. Comput. 37(2), 380–400 (2007). https://doi.org/10.1137/050641958

  14. Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34

  15. Beaver, D.: Multiparty protocols tolerating half faulty processors. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 560–572. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_49

  16. Beaver, D., Feigenbaum, J., Kilian, J., Rogaway, P.: Security with low communication overhead. In: Advances in Cryptology - CRYPTO 1990, 10th Annual International Cryptology Conference, pp. 62–76, Santa Barbara, California, USA, August 11–15 (1990)

  17. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, pp. 1–10, Chicago, Illinois, USA, May 2–4 (1988)

  18. Blum, M.: Coin flipping by telephone. In: Advances in Cryptology: A Report on CRYPTO 81, CRYPTO 81, IEEE Workshop on Communications Security, pp. 11–15, Santa Barbara, California, USA, August 24–26 (1981)

  19. Canetti, R., Kilian, J., Petrank, E., Rosen, A.: Black-box concurrent zero-knowledge requires omega (log n) rounds. In: Proceedings on 33rd Annual ACM Symposium on Theory of Computing. pp. 570–579, Heraklion, Crete, Greece, July 6–8 (2001)

  20. Canetti, R., Rabin, T.: Fast asynchronous byzantine agreement with optimal resilience. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on Theory of Computing. pp. 42–51, San Diego, CA, USA, May 16–18 (1993)

  21. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, pp. 11–19, Chicago, Illinois, USA, May 2–4 (1988)

  22. Chor, B., Kushilevitz, E.: A zero-one law for boolean privacy. In: Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing. pp. 62–72. STOC 1989, Association for Computing Machinery, New York, USA (1989). https://doi.org/10.1145/73007.73013

  23. Chor, B., Goldwasser, S., Micali, S., Awerbuch, B.: Verifiable secret sharing and achieving simultaneity in the presence of faults (extended abstract). In: 26th Annual Symposium on Foundations of Computer Science, pp. 383–395, Portland, Oregon, USA, October 21–23 (1985)

  24. Cleve, R.: Limits on the security of coin flips when half the processors are faulty (extended abstract). In: Proceedings of the 18th Annual ACM Symposium on Theory of Computing, pp. 364–369, Berkeley, California, USA, May 28–30 (1986)

  25. Cramer, R., Damgård, I., Dziembowski, S., Hirt, M., Rabin, T.: Efficient multiparty computations secure against an adaptive adversary. In: Advances in Cryptology - EUROCRYPT 1999, International Conference on the Theory and Application of Cryptographic Techniques, pp. 311–326, Prague, Czech Republic, May 2–6 (1999)

  26. Cramer, R., Damgård, I., Maurer, U.M.: General secure multi-party computation from any linear secret-sharing scheme. In: Advances in Cryptology - EUROCRYPT 2000, International Conference on the Theory and Application of Cryptographic Techniques, pp. 316–334, Bruges, Belgium, May 14–18 (2000)

  27. Dolev, D., Reischuk, R.: Bounds on information exchange for byzantine agreement. J. ACM 32(1), 191–204 (1985)

  28. Feige, U., Kilian, J., Naor, M.: A minimal model for secure computation (extended abstract). In: Proceedings of the Twenty-Sixth Annual ACM Symposium on Theory of Computing, pp. 554–563, Montréal, Québec, Canada, May 23–25 (1994)

  29. Feldman, P., Micali, S.: Byzantine agreement in constant expected time (and trusting no one). In: 26th Annual Symposium on Foundations of Computer Science, pp. 267–276, Portland, Oregon, USA, October 21–23 (1985)

  30. Fitzi, M., Garay, J.A., Gollakota, S., Rangan, C.P., Srinathan, K.: Round-optimal and efficient verifiable secret sharing. In: Theory of Cryptography, Third Theory of Cryptography Conference, TCC 2006, pp. 329–342, New York, USA, March 4–7 (2006)

  31. Garg, S., Ishai, Y., Srinivasan, A.: Two-round MPC: information-theoretic and black-box. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11239, pp. 123–151. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03807-6_5

  32. Gennaro, R., Ishai, Y., Kushilevitz, E., Rabin, T.: The round complexity of verifiable secret sharing and secure multicast. In: Proceedings on 33rd Annual ACM Symposium on Theory of Computing, pp. 580–589, Heraklion, Crete, Greece, July 6–8 (2001)

  33. Gennaro, R., Ishai, Y., Kushilevitz, E., Rabin, T.: The round complexity of verifiable secret sharing and secure multicast. In: Proceedings of the thirty-third annual ACM symposium on Theory of computing. pp. 580–589. ACM (2001)

  34. Gennaro, R., Ishai, Y., Kushilevitz, E., Rabin, T.: On 2-round secure multiparty computation. In: Advances in Cryptology - CRYPTO 2002, 22nd Annual International Cryptology Conference, pp. 178–193, Santa Barbara, California, USA, August 18–22 (2002)

  35. Goldreich, O., Krawczyk, H.: On the composition of zero-knowledge proof systems. SIAM J. Comput. 25(1), 169–192 (1996)

  36. Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing, pp. 25–32, Seattle, Washington, USA, May 14–17 (1989)

  37. Ishai, Y., Kumaresan, R., Kushilevitz, E., Paskin-Cherniavsky, A.: Secure computation with minimal interaction, revisited. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 359–378. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_18

  38. Ishai, Y., Kushilevitz, E.: Private simultaneous messages protocols with applications. In: Fifth Israel Symposium on Theory of Computing and Systems, ISTCS 1997, pp. 174–184, Ramat-Gan, Israel, June 17–19 (1997)

  39. Ishai, Y., Kushilevitz, E.: Randomizing polynomials: A new representation with applications to round-efficient secure computation. In: 41st Annual Symposium on Foundations of Computer Science, FOCS 2000, pp. 294–304, Redondo Beach, California, USA, November 12–14 (2000)

  40. Ishai, Y., Kushilevitz, E.: Perfect constant-round secure computation via perfect randomizing polynomials. In: Widmayer, P., Eidenbenz, S., Triguero, F., Morales, R., Conejo, R., Hennessy, M. (eds.) ICALP 2002. LNCS, vol. 2380, pp. 244–256. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45465-9_22

  41. Ishai, Y., Kushilevitz, E., Paskin, A.: Secure multiparty computation with minimal interaction. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 577–594. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_31

  42. Katz, J., Koo, C., Kumaresan, R.: Improving the round complexity of VSS in point-to-point networks. Inf. Comput. 207(8), 889–899 (2009)

  43. Kumaresan, R., Patra, A., Rangan, C.P.: The round complexity of verifiable secret sharing: the statistical case. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 431–447. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_25

  44. Lamport, L., Fischer, M.: Byzantine generals and transaction commit protocols. Technical Report 62, SRI International (1982)

  45. Moran, T., Naor, M., Segev, G.: An optimally fair coin toss. J. Cryptology 29(3), 491–513 (2016). https://doi.org/10.1007/s00145-015-9199-z

  46. Patra, A., Choudhary, A., Rabin, T., Rangan, C.P.: The round complexity of verifiable secret sharing revisited. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 487–504. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_29

  47. Patra, A., Choudhary, A., Rangan, C.P.: Simple and efficient asynchronous byzantine agreement with optimal resilience. In: Proceedings of the 28th Annual ACM Symposium on Principles of Distributed Computing, PODC 2009, pp. 92–101, Calgary, Alberta, Canada, August 10–12 (2009)

  48. Patra, A., Rangan, C.P.: Communication and round efficient information checking protocol. CoRR abs/1004.3504 (2010). http://arxiv.org/abs/1004.3504

  49. Patra, A., Ravi, D.: On the power of hybrid networks in multi-party computation. IEEE Trans. Inf. Theory 64(6), 4207–4227 (2018)

  50. Pease, M.C., Shostak, R.E., Lamport, L.: Reaching agreement in the presence of faults. J. ACM 27(2), 228–234 (1980)

  51. Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority (extended abstract). In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing, pp. 73–85, Seattle, Washington, USA, May 14–17 (1989)

  52. Sander, T., Young, A.L., Yung, M.: Non-interactive cryptocomputing for NC1. In: 40th Annual Symposium on Foundations of Computer Science, FOCS 1999, pp. 554–567, New York, USA, October 17–18 (1999)

  53. Tompa, M., Woll, H.: How to share a secret with cheaters. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 261–265. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_20

  54. Unruh, D.: Everlasting multi-party computation. J. Cryptology 31(4), 965–1011 (2018). https://doi.org/10.1007/s00145-018-9278-z

  55. Yao, A.C.: Theory and applications of trapdoor functions (extended abstract). In: 23rd Annual Symposium on Foundations of Computer Science, pp. 80–91, Chicago, Illinois, USA, November 3–5 (1982)

Corresponding author

Correspondence to Eliran Kachlon.

Copyright information

© 2020 International Association for Cryptologic Research

About this paper

Cite this paper

Applebaum, B., Kachlon, E., Patra, A. (2020). The Resiliency of MPC with Low Interaction: The Benefit of Making Errors (Extended Abstract). In: Pass, R., Pietrzak, K. (eds) Theory of Cryptography. TCC 2020. Lecture Notes in Computer Science(), vol 12551. Springer, Cham. https://doi.org/10.1007/978-3-030-64378-2_20

  • DOI: https://doi.org/10.1007/978-3-030-64378-2_20

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-64377-5

  • Online ISBN: 978-3-030-64378-2
