We study the optimal parameters to minimize the cheating probability and communication complexity in protocols for two party computation secure against malicious adversaries. In cut-and-choose protocols for two party computation, we analyze the optimal parameters to keep the probability of undetected cheating minimum. We first study this for a constant number of circuits, and then generalize it to the case of constant bandwidth. More generally, the communication cost of opening a circuit is different from retaining the circuit for evaluation and we analyze the optimal parameters in this case, by fixing the total bits of communication. In the second part of our analysis, we minimize the communication complexity for a given probability of undetected cheating. We study, what should be the parameters to achieve a given cheating probability in minimum amount of communication in a given cut-and-choose protocol. While still keeping the security guarantees, that is, the cheating probability negligible, we achieve a concrete improvement in communication complexity by using optimal parameters in existing cut-and-choose protocols.


secure computation malicious adversaries cheating probability communication complexity 


  1. 1.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Proceedings of 19th Annual ACM Symposium on Theory of Computing, pp. 218–229 (1987)Google Scholar
  2. 2.
    Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. II. Cambridge University Press (2004)Google Scholar
  3. 3.
    Goyal, V., Mohassel, P., Smith, A.: Efficient Two Party and Multi Party Computation Against Covert Adversaries. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 289–306. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  4. 4.
    Lindell, Y., Pinkas, B.: An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  5. 5.
    Lindell, Y., Pinkas, B.: A proof of yao’s protocol for secure two-party computation. Journal of Cryptology 22(2), 161–188 (2009)MathSciNetzbMATHCrossRefGoogle Scholar
  6. 6.
    Lindell, Y., Pinkas, B.: Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 329–346. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Mohassel, P., Franklin, M.: Efficiency Tradeoffs for Malicious Two-Party Computation. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 458–473. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Rabin, M.: How to exhange secrets by oblivious transfer. Technical Memo, TR-81, Aiken computation laboratory, Harvard U (1981)Google Scholar
  9. 9.
    Shelat, A., Shen, C.-H.: Two-Output Secure Computation with Malicious Adversaries. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 386–405. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  10. 10.
    Woodruff, D.P.: Revisiting the Efficiency of Malicious Two-Party Computation. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 79–96. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Yao, A.C.: How to generate and exchange secrets. In: FOCS 1986: Proceedings of 27th Annual Symposium on Foundations of Computer Science, pp. 162–167 (1986)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Chaya Ganesh
    • 1
  • C. Pandu Rangan
    • 1
  1. 1.Indian Institute of TechnologyMadrasIndia

Personalised recommendations