Skip to main content
Book cover

Annual International Conference on the Theory and Applications of Cryptographic Techniques

EUROCRYPT 2007: Advances in Cryptology - EUROCRYPT 2007 pp 52–78Cite as

An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 4515)

Abstract

We show an efficient secure two-party protocol, based on Yao’s construction, which provides security against malicious adversaries. Yao’s original protocol is only secure in the presence of semi-honest adversaries. Security against malicious adversaries can be obtained by applying the compiler of Goldreich, Micali and Wigderson (the “GMW compiler”). However, this approach does not seem to be very practical as it requires using generic zero-knowledge proofs.

Our construction is based on applying cut-and-choose techniques to the original circuit and inputs. Security is proved according to the ideal/real simulation paradigm, and the proof is in the standard model (with no random oracle model or common reference string assumptions). The resulting protocol is computationally efficient: the only usage of asymmetric cryptography is for running O(1) oblivious transfers for each input bit (or for each bit of a statistical security parameter, whichever is larger). Our protocol combines techniques from folklore (like cut-and-choose) along with new techniques for efficiently proving consistency of inputs. We remark that a naive implementation of the cut-and-choose technique with Yao’s protocol does not yield a secure protocol. This is the first paper to show how to properly implement these techniques, and to provide a full proof of security.

Our protocol can also be interpreted as a constant-round black-box reduction of secure two-party computation to oblivious transfer and perfectly-hiding commitments, or a black-box reduction of secure two-party computation to oblivious transfer alone, with a number of rounds which is linear in a statistical security parameter. These two reductions are comparable to Kilian’s reduction, which uses OT alone but incurs a number of rounds which is linear in the depth of the circuit [18].

Keywords

  • Secure Protocol
  • Commitment Scheme
  • Oblivious Transfer
  • Honest Party
  • Malicious Adversary

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Download conference paper PDF

References

  1. Aggarwal, G., Mishra, N., Pinkas, B.: Secure Computation of the k-th Ranked Element. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 40–55. Springer, Heidelberg (2004)

    CrossRef  Google Scholar 

  2. Aiello, B., Ishai, Y., Reingold, O.: Priced Oblivious Transfer: How to Sell Digital Goods. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 119–135. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  3. Barak, B., Lindell, Y.: Strict Polynomial-Time in Simulation and Extraction. SIAM Journal on Computing 33(4), 783–818 (2004)

    CrossRef  MathSciNet  MATH  Google Scholar 

  4. Beaver, D.: Foundations of Secure Interactive Computing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 377–391. Springer, Heidelberg (1992)

    Google Scholar 

  5. Canetti, R.: Security and Composition of Multiparty Cryptographic Protocols. Journal of Cryptology 13(1), 143–202 (2000)

    CrossRef  MathSciNet  MATH  Google Scholar 

  6. Cramer, R.J.F., Damgård, I.B., Schoenmakers, B.: Proof of Partial Knowledge and Simplified Design of Witness Hiding Protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)

    Google Scholar 

  7. Even, S., Goldreich, O., Lempel, A.: A Randomized Protocol for Signing Contracts. Communications of the ACM 28(6), 637–647 (1985)

    CrossRef  MathSciNet  Google Scholar 

  8. Goldreich, O.: Foundations of Cryptography: Volume 1 – Basic Tools. Cambridge University Press, Cambridge (2001)

    CrossRef  Google Scholar 

  9. Goldreich, O.: Foundations of Cryptography: Volume 2 – Basic Applications. Cambridge University Press, Cambridge (2004)

    Google Scholar 

  10. Goldreich, O., Kahan, A.: How To Construct Constant-Round Zero-Knowledge Proof Systems for NP. Journal of Cryptology 9(3), 167–190 (1996)

    CrossRef  MathSciNet  MATH  Google Scholar 

  11. Goldreich, O., Micali, S., Wigderson, A.: How to Play any Mental Game – A Completeness Theorem for Protocols with Honest Majority. In: 19th STOC, pp. 218–229 (1987), For details see: Goldreich, O.: Foundations of Cryptography: Volume 2 – Basic Applications. Cambridge University Press, Cambridge (2004)

    Google Scholar 

  12. Goldwasser, S., Levin, L.: Fair Computation of General Functions in Presence of Immoral Majority. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 77–93. Springer, Heidelberg (1991)

    Google Scholar 

  13. Goldwasser, S., Micali, S., Rivest, R.L.: A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks. SIAM J. Comput. 17(2), 281–308 (1988)

    CrossRef  MathSciNet  MATH  Google Scholar 

  14. Halevi, S., Micali, S.: Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 201–215. Springer, Heidelberg (1996)

    Google Scholar 

  15. Jarecki, S., Shmatikov, V.: Efficient Two-Party Secure Computation on Committed Inputs. Eurocrypt 2007, in these proceedings (2007)

    Google Scholar 

  16. Kalai, Y.T.: Smooth Projective Hashing and Two-Message Oblivious Transfer. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 78–95. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  17. Katz, J., Lindell, Y.: Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 128–149. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  18. Kilian, J.: Founding Cryptography on Oblivious Transfer. In: 20th STOC, pp. 20–31 (1988)

    Google Scholar 

  19. Kiraz, M., Schoenmakers, B.: A Protocol Issue for the Malicious Case of Yao’s Garbled Circuit Construction. In: Proceedings of 27th Symposium on Information Theory in the Benelux, pp. 283–290 (2006)

    Google Scholar 

  20. Lindell, Y., Pinkas, B.: A Proof of Yao’s Protocol for Secure Two-Party Computation. To appear in the Journal of Cryptology, Also appeared as Cryptology ePrint Archive, Report 2004/175 (2004)

    Google Scholar 

  21. Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay – A Secure Two-Party Computation System. In: 13th USENIX Security Symposium, pp. 287–302 (2004)

    Google Scholar 

  22. Micali, S., Rogaway, P.: Secure Computation. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 392–404. Springer, Heidelberg (1992)

    Google Scholar 

  23. Mohassel, P., Franklin, M.K.: Efficiency Tradeoffs for Malicious Two-Party Computation. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 458–473. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  24. Naor, M.: Bit Commitment Using Pseudorandomness. Journal of Cryptology 4(2), 151–158 (1991)

    CrossRef  MATH  Google Scholar 

  25. Naor, M., Pinkas, B.: Efficient Oblivious Transfer Protocols. In: 12th SODA, pp. 448–457 (2001)

    Google Scholar 

  26. Pedersen, T.P.: Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)

    Google Scholar 

  27. Rabin, M.: How to Exchange Secrets by Oblivious Transfer. Tech. Memo TR-81, Aiken Computation Laboratory, Harvard U. (1981)

    Google Scholar 

  28. Woodruff, D.: Revisiting the Efficiency of Malicious Two-Party Computation. Eurocrypt ’2007, in these proceedings (2007)

    Google Scholar 

  29. Yao, A.: How to Generate and Exchange Secrets. In: 27th FOCS, pp. 162–167 (1986)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science, Bar-Ilan University, Israel

    Yehuda Lindell

  2. Dept. of Computer Science, University of Haifa, Israel

    Benny Pinkas

Authors
  1. Yehuda Lindell
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Benny Pinkas
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Applied Mathematics, Weizmann Institute of Science, 76100, Rehovot, Israel

    Moni Naor

Rights and permissions

Reprints and Permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lindell, Y., Pinkas, B. (2007). An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (eds) Advances in Cryptology - EUROCRYPT 2007. EUROCRYPT 2007. Lecture Notes in Computer Science, vol 4515. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72540-4_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-72540-4_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-72539-8

  • Online ISBN: 978-3-540-72540-4

  • eBook Packages: Computer ScienceComputer Science (R0)