Optimal Parameters for Efficient Two-Party Computation Protocols
We study the optimal parameters to minimize the cheating probability and communication complexity in protocols for two party computation secure against malicious adversaries. In cut-and-choose protocols for two party computation, we analyze the optimal parameters to keep the probability of undetected cheating minimum. We first study this for a constant number of circuits, and then generalize it to the case of constant bandwidth. More generally, the communication cost of opening a circuit is different from retaining the circuit for evaluation and we analyze the optimal parameters in this case, by fixing the total bits of communication. In the second part of our analysis, we minimize the communication complexity for a given probability of undetected cheating. We study, what should be the parameters to achieve a given cheating probability in minimum amount of communication in a given cut-and-choose protocol. While still keeping the security guarantees, that is, the cheating probability negligible, we achieve a concrete improvement in communication complexity by using optimal parameters in existing cut-and-choose protocols.
Keywordssecure computation malicious adversaries cheating probability communication complexity
- 1.Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Proceedings of 19th Annual ACM Symposium on Theory of Computing, pp. 218–229 (1987)Google Scholar
- 2.Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. II. Cambridge University Press (2004)Google Scholar
- 8.Rabin, M.: How to exhange secrets by oblivious transfer. Technical Memo, TR-81, Aiken computation laboratory, Harvard U (1981)Google Scholar
- 11.Yao, A.C.: How to generate and exchange secrets. In: FOCS 1986: Proceedings of 27th Annual Symposium on Foundations of Computer Science, pp. 162–167 (1986)Google Scholar