Advertisement

Identifying Cheaters without an Honest Majority

  • Yuval Ishai
  • Rafail Ostrovsky
  • Hakan Seyalioglu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7194)

Abstract

Motivated by problems in secure multiparty computation (MPC), we study a natural extension of identifiable secret sharing to the case where an arbitrary number of players may be corrupted. An identifiable secret sharing scheme is a secret sharing scheme in which the reconstruction algorithm, after receiving shares from all players, either outputs the correct secret or publicly identifies the set of all cheaters (players who modified their original shares) with overwhelming success probability. This property is impossible to achieve without an honest majority. Instead, we settle for having the reconstruction algorithm inform each honest player of the correct set of cheaters. We show that this new notion of secret sharing can be unconditionally realized in the presence of arbitrarily many corrupted players. We demonstrate the usefulness of this primitive by presenting several applications to MPC without an honest majority.

  • Complete primitives for MPC. We present the first unconditional construction of a complete primitive for fully secure function evaluation whose complexity does not grow with the complexity of the function being evaluated. This can be used for realizing fully secure MPC using small and stateless tamper-proof hardware. A previous completeness result of Gordon et al. (TCC 2010) required the use of cryptographic signatures.

  • Applications to partial fairness. We eliminate the use of cryptography from the online phase of recent protocols for multiparty coin-flipping and MPC with partial fairness (Beimel et al., Crypto 2010 and Crypto 2011). This is a corollary of a more general technique for unconditionally upgrading security against fail-stop adversaries with preprocessing to security against malicious adversaries.

Finally, we complement our positive results by a negative result on identifying cheaters in unconditionally secure MPC. It is known that MPC without an honest majority can be realized unconditionally in the OT-hybrid model, provided that one settles for “security with abort” (Kilian, 1988). That is, the adversary can decide whether to abort the protocol after learning the outputs of corrupted players. We show that such protocols cannot be strengthened so that all honest players agree on the identity of a corrupted player in the event that the protocol aborts, even if a broadcast primitive can be used. This is contrasted with the computational setting, in which this stronger notion of security can be realized under standard cryptographic assumptions (Goldreich et al., 1987).

Keywords

Secret Sharing Access Structure Secret Sharing Scheme Oblivious Transfer Byzantine Agreement 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Beimel, A., Lindell, Y., Omri, E., Orlov, I.: 1/p-Secure Multiparty Computation without Honest Majority and the Best of Both Worlds. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 277–296. Springer, Heidelberg (2011)Google Scholar
  2. 2.
    Beimel, A., Omri, E., Orlov, I.: Protocols for Multiparty Coin Toss with Dishonest Majority. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 538–557. Springer, Heidelberg (2010)Google Scholar
  3. 3.
    Brickell, E.F., Stinson, D.R.: The detection of cheaters in threshold schemes. SIAM J. Discrete Math. 4(4), 502–510 (1991)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Canetti, R.: Security and composition of multiparty cryptographic protocols. Journal of Cryptology 13(1), 143–202 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Carpentieri, M.: A perfect threshold secret sharing scheme to identify cheaters. Designs, Codes and Cryptography 5(3), 183–187 (1995)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Chor, B., Kushilevitz, E.: A zero-one law for boolean privacy (extended abstract). In: STOC 1989, pp. 62–72 (1989)Google Scholar
  7. 7.
    Choudhury, A.: Simple and asymptotically optimal t-cheater identifiable secret sharing scheme. IACR Cryptology ePrint Archive 2011, 330 (2011)Google Scholar
  8. 8.
    Cleve, R.: Limits on the security of coin flips when half the processors are faulty (extended abstract). In: STOC 1986, pp. 364–369. ACM (1986)Google Scholar
  9. 9.
    Cramer, R., Dodis, Y., Fehr, S., Padró, C., Wichs, D.: Detection of Algebraic Manipulation with Applications to Robust Secret Sharing and Fuzzy Extractors. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 471–488. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  10. 10.
    Fehr, S., Maurer, U.M.: Linear VSS and Distributed Commitments Based on Secret Sharing and Pairwise Checks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 565–580. Springer, Heidelberg (2002)Google Scholar
  11. 11.
    Fitzi, M., Garay, J.A., Maurer, U.M., Ostrovsky, R.: Minimal complete primitives for secure multi-party computation. J. Cryptology 18(1), 37–61 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: STOC 1987, pp. 218–229 (1987)Google Scholar
  13. 13.
    Gordon, D., Ishai, Y., Moran, T., Ostrovsky, R., Sahai, A.: On Complete Primitives for Fairness. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 91–108. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  14. 14.
    Gordon, S.D., Katz, J.: Partial Fairness in Secure Two-Party Computation. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 157–176. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  15. 15.
    Goyal, V., Ishai, Y., Mahmoody, M., Sahai, A.: Interactive Locking, Zero-Knowledge PCPs, and Unconditional Cryptography. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 173–190. Springer, Heidelberg (2010)Google Scholar
  16. 16.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Founding Cryptography on Oblivious Transfer – Efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008)Google Scholar
  17. 17.
    Katz, J.: Universally Composable Multi-party Computation Using Tamper-Proof Hardware. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 115–128. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. 18.
    Kilian, J.: Founding cryptography on oblivious transfer. In: STOC 1988, pp. 20–31. ACM (1988)Google Scholar
  19. 19.
    Kilian, J., Kushilevitz, E., Micali, S., Ostrovsky, R.: Reducibility and completeness in private computations. SIAM J. Comput. 29(4), 1189–1208 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Kurosawa, K., Obana, S., Ogata, W.: t-Cheater Identifiable (k, n) Threshold Secret Sharing Schemes. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 410–423. Springer, Heidelberg (1995)Google Scholar
  21. 21.
    Kushilevitz, E., Micali, S., Ostrovsky, R.: Reducibility and completeness in multi-party private computations. In: FOCS 1994, pp. 478–489 (1994)Google Scholar
  22. 22.
    McEliece, R.J., Sarwate, D.V.: On sharing secrets and Reed-Solomon codes. Commun. ACM 24(9), 583–584 (1981)MathSciNetCrossRefGoogle Scholar
  23. 23.
    Moran, T., Naor, M., Segev, G.: An Optimally Fair Coin Toss. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 1–18. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  24. 24.
    Obana, S., Araki, T.: Almost Optimum Secret Sharing Schemes Secure Against Cheating for Arbitrary Secret Distribution. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 364–379. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  25. 25.
    Patra, A., Choudhary, A., Pandu Rangan, C.: Round Efficient Unconditionally Secure Multiparty Computation Protocol. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 185–199. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  26. 26.
    Pfitzmann, B., Waidner, M.: Information-theoretic pseudosignatures and byzantine agreement for t= n/3. IBM Research Report RZ 1996, 2882 (1996)Google Scholar
  27. 27.
    Pfitzmann, B., Waidner, M.: Unconditional Byzantine Agreement for any Number of Faulty Processors. In: Finkel, A., Jantzen, M. (eds.) STACS 1992. LNCS, vol. 577, pp. 337–350. Springer, Heidelberg (1992)CrossRefGoogle Scholar
  28. 28.
    Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority (extended abstract). In: STOC 1989, pp. 73–85 (1989)Google Scholar
  29. 29.
    Rogaway, P., Bellare, M.: Robust computational secret sharing and a unified account of classical secret-sharing goals. In: CCS 2007, pp. 172–184 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Yuval Ishai
    • 1
  • Rafail Ostrovsky
    • 2
    • 3
  • Hakan Seyalioglu
    • 3
  1. 1.Department of Computer ScienceTechnionIsrael
  2. 2.Department of Computer ScienceUCLAUSA
  3. 3.Department of MathematicsUCLAUSA

Personalised recommendations