A Quantitative Approach to Reductions in Secure Computation

  • Amos Beimel
  • Tal Malkin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2951)


Secure computation is one of the most fundamental cryptographic tasks. It is known that all functions can be computed securely in the information theoretic setting, given access to a black box for some complete function such as AND. However, without such a black box, not all functions can be securely computed. This gives rise to two types of functions, those that can be computed without a black box (“easy”) and those that cannot (“hard”). However, no further distinction among the hard functions is made.

In this paper, we take a quantitative approach, associating with each function f the minimal number of calls to the black box that are required for securely computing f. Such an approach was taken before, mostly in an ad-hoc manner, for specific functions f of interest. We propose a systematic study, towards a general characterization of the hierarchy according to the number of black-box calls. This approach leads to a better understanding of the inherent complexity for securely computing a given function f. Furthermore, minimizing the number of calls to the black box can lead to more efficient protocols when the calls to the black box are replaced by a secure protocol.

We take a first step in this study, by considering the two-party, honest-but-curious, information-theoretic case. For this setting, we provide a complete characterization for deterministic protocols. We explore the hierarchy for randomized protocols as well, giving upper and lower bounds, and comparing it to the deterministic hierarchy. We show that for every Boolean function the largest gap between randomized and deterministic protocols is at most exponential, and there are functions which exhibit such a gap.


Boolean Function Secure Protocol Secure Computation Circuit Complexity Oblivious Transfer 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Beaver, D.: Perfect privacy for two-party protocols. Technical Report TR-11-89, Computer Science, Harvard University (1989)Google Scholar
  2. 2.
    Beaver, D.: Correlated pseudorandomness and the complexity of private computations. In: The 28th Symp. on the Theory of Computing, pp. 479–488 (1996)Google Scholar
  3. 3.
    Beimel, A., Malkin, T.G., Micali, S.: The all-or-nothing nature of two-party secure computation. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 80–97. Springer, Heidelberg (1999)Google Scholar
  4. 4.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for noncryptographic fault-tolerant distributed computations. In: The 20th Symp. on the Theory of Computing, pp. 1–10 (1988)Google Scholar
  5. 5.
    Brassard, G., Crépeau, C.: Oblivious transfers and privacy amplification. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 334–347. Springer, Heidelberg (1997)Google Scholar
  6. 6.
    Brassard, G., Crépeau, C., Robert, J.-M.: Information theoretic reductions among disclosure problems. In: The 27th Symp. on Foundations of Computer Science, pp. 168–173 (1986)Google Scholar
  7. 7.
    Brassard, G., Crépeau, C., Sántha, M.: Oblivious transfers and intersecting codes. IEEE Trans. on Information Theory 42(6), 1769–1780 (1996)zbMATHCrossRefGoogle Scholar
  8. 8.
    Canetti, R.: Security and composition of multiparty cryptographic protocols. J. of Cryptology 13(1), 143–202 (2000)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: The 20th Symp. on the Theory of Computing, pp. 11–19 (1988)Google Scholar
  10. 10.
    Chor, B., Kushilevitz, E.: A zero-one law for Boolean privacy. SIAM J. on Discrete Mathematics 4(1), 36–47 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Crépeau, C.: Equivalence between two flavours of oblivious transfers. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 350–354. Springer, Heidelberg (1988)Google Scholar
  12. 12.
    Crépeau, C., Kilian, J.: Achieving oblivious transfer using weakened security assumptions. In: 29th Symp. on Found. of Computer Science, pp. 42–52 (1988)Google Scholar
  13. 13.
    Damgård, I.B., Kilian, J., Salvail, L.: On the (im)possibility of basing oblivious transfer and bit commitment on weakened security assumptions. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 56–73. Springer, Heidelberg (1999)Google Scholar
  14. 14.
    Dodis, Y., Micali, S.: Lower bounds for oblivious transfer reductions. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 42–55. Springer, Heidelberg (1999)Google Scholar
  15. 15.
    Forster, J.: A linear lower bound on the unbounded error probabilistic communication complexity. In: 16th Conf. on Comput. Complexity, pp. 100–106 (2001)Google Scholar
  16. 16.
    Goldreich, O., Vainish, R.: How to solve any protocol problem—an efficiency improvement. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 73–86. Springer, Heidelberg (1988)Google Scholar
  17. 17.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Kilian, J.: Basing cryptography on oblivious transfer. In: Proc. of the 20th Symp. on the Theory of Computing, pp. 20–31 (1988)Google Scholar
  19. 19.
    Kilian, J.: A general completeness theorem for two-party games. In: Proc. of the 23rd Symp. on the Theory of Computing, pp. 553–560 (1991)Google Scholar
  20. 20.
    Kilian, J.: More general completeness theorems for two-party games. In: Proc. of the 32nd Symp. on the Theory of Computing, pp. 316–324 (2000)Google Scholar
  21. 21.
    Kilian, J., Kushilevitz, E., Micali, S., Ostrovsky, R.: Reducibility and completeness in private computations. SIAM J. on Computing 28(4), 1189–1208 (2000)CrossRefMathSciNetGoogle Scholar
  22. 22.
    Kushilevitz, E.: Privacy and communication complexity. SIAM J. on Discrete Mathematics 5(2), 273–284 (1992)zbMATHCrossRefMathSciNetGoogle Scholar
  23. 23.
    Kushilevitz, E., Nisan, N.: Communication Complexity. Cambridge University Press, Cambridge (1997)zbMATHGoogle Scholar
  24. 24.
    Maurer, U.: Information-theoretic cryptography. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 47–64. Springer, Heidelberg (1999)Google Scholar
  25. 25.
    Naor, M., Nissim, K.: Communication preserving protocols for secure function evaluation. In: Proc. of the 33rd Symp. on the Theory of Computing (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Amos Beimel
    • 1
  • Tal Malkin
    • 2
  1. 1.Department of Computer ScienceBen-Gurion University 
  2. 2.Department of Computer ScienceColumbia University 

Personalised recommendations