Non-Interactive Secure Multiparty Computation

  • Amos Beimel
  • Ariel Gabizon
  • Yuval Ishai
  • Eyal Kushilevitz
  • Sigurd Meldgaard
  • Anat Paskin-Cherniavsky
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8617)


We introduce and study the notion of non-interactive secure multiparty computation (NIMPC). An NIMPC protocol for a function f(x1,…,x n ) is specified by a joint probability distribution R = (R1,…,R n ) and local encoding functions Enc i (x i ,r i ), 1 ≤ i ≤ n. Given correlated randomness (r1,…,r n ) ∈  R R, each party P i , using its input x i and its randomness r i , computes the message m i  = Enc i (x i ,r i ). The messages m1,…,m n can be used to decode f(x1,…,x n ). For a set T ⊆ [n], the protocol is said to be T-robust if revealing the messages \((\mathrm{Enc}_i(x_i,r_i))_{i\not\in T}\) together with the randomness (r i )i ∈ T gives the same information about \((x_i)_{i\not\in T}\) as an oracle access to the function f restricted to these input values. Namely, a coalition T can learn no more than the restriction of f fixing the inputs of uncorrupted parties, which, in this non-interactive setting, one cannot hope to hide. For 0 ≤ t ≤ n, the protocol is t-robust if it is T-robust for every T of size at most t and it is fully robust if it is n-robust. A 0-robust NIMPC protocol for f coincides with a protocol in the private simultaneous messages model of Feige et al. (STOC 1994).

In the setting of computational (indistinguishability-based) security, fully robust NIMPC is implied by multi-input functional encryption, a notion that was recently introduced by Goldwasser et al. (Eurocrypt 2014) and realized using indistinguishability obfuscation. We consider NIMPC in the information-theoretic setting and obtain unconditional positive results for some special cases of interest:
  • Group products. For every (possibly non-abelian) finite group G, the iterated group product function f(x1,…,x n ) = x1x2x n admits an efficient, fully robust NIMPC protocol.

  • Small functions. Every function f admits a fully robust NIMPC protocol whose complexity is polynomial in the size of the input domain (i.e., exponential in the total bit-length of the inputs).

  • Symmetric functions. Every symmetric function f:X n  → Y, where X is an input domain of constant size, admits a t-robust NIMPC protocol of complexity nO(t). For the case where f is a w-out-of-n threshold function, we get a fully robust protocol of complexity nO(w).

On the negative side, we show that natural attempts to realize NIMPC using private simultaneous messages protocols and garbling schemes from the literature fail to achieve even 1-robustness.


secure multiparty computation obfuscation private simultaneous messages protocols randomized encoding of functions garbling schemes multi-input functional encryption 


  1. 1.
    Applebaum, B., Ishai, Y., Kushilevitz, E.: Cryptography in NC0. In: Proc. FOCS 2004, pp. 166–175 (2004)Google Scholar
  2. 2.
    Barak, B., Garg, S., Kalai, Y.T., Paneth, O., Sahai, A.: Protecting Obfuscation against Algebraic Attacks. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 221–238. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  3. 3.
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (Im)possibility of Obfuscating Programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Barrington, D.M.: Bounded-Width Polynomial-Size Branching Programs Recognize Exactly Those Languages in NC1. In: Proc. STOC 1986, pp. 1–5 (1986)Google Scholar
  5. 5.
    Bellare, M., Hoang, V.T., Rogaway, P.: Foundations of garbled circuits. In: Proc. ACM CCS 2012, pp. 784–796 (2012)Google Scholar
  6. 6.
    Boneh, D., Sahai, A., Waters, B.: Functional Encryption: Definitions and Challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Brakerski, Z., Rothblum, G.N.: Virtual Black-Box Obfuscation for All Circuits via Generic Graded Encoding. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 1–25. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  8. 8.
    Canetti, R.: Security and composition of multiparty cryptographic protocols. Journal of Cryptology 13(1), 143–202 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Dodis, Y., Katz, J., Xu, S., Yung, M.: Key-Insulated Public Key Cryptosystems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 65–82. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  10. 10.
    Feige, U., Kilian, J., Naor, M.: A Minimal Model for Secure Computation. In: Proc. STOC 1994, pp. 554–563 (1994)Google Scholar
  11. 11.
    Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate Indistinguishability Obfuscation and Functional Encryption for All Circuits. In: Proc. FOCS 2013, pp. 40–49 (2013)Google Scholar
  12. 12.
    Goldreich, O.: Foundations of Cryptography, vol. 2. Cambridge University Press (2004)Google Scholar
  13. 13.
    Goldwasser, S., et al.: Multi-input Functional Encryption. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 578–602. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  14. 14.
    Goldwasser, S., Lewko, A.B., Wilson, D.A.: Bounded-Collusion IBE from Key Homomorphism. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 564–581. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  15. 15.
    Goldwasser, S., Rothblum, G.N.: On Best-Possible Obfuscation. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 194–213. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. 16.
    Gorbunov, S., Vaikuntanathan, V., Wee, H.: Functional Encryption with Bounded Collusions via Multi-party Computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 162–179. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  17. 17.
    Gordon, S.D., Malkin, T., Rosulek, M., Wee, H.: Multi-party Computation of Polynomials and Branching Programs without Simultaneous Interaction. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 575–591. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  18. 18.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proc. ACM CCS 2006, pp. 89–98 (2006)Google Scholar
  19. 19.
    Goyal, V., Ishai, Y., Sahai, A., Venkatesan, R., Wadia, A.: Founding Cryptography on Tamper-Proof Hardware Tokens. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 308–326. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  20. 20.
    Halevi, S., Lindell, Y., Pinkas, B.: Secure Computation on the Web: Computing without Simultaneous Interaction. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 132–150. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  21. 21.
    Ishai, Y., Kushilevitz, E.: Private simultaneous Messages Protocols with Applications. In: ISTCS 1997, pp. 174–184 (1997)Google Scholar
  22. 22.
    Ishai, Y., Kushilevitz, E.: Randomizing Polynomials: A New Representation with Applications to Round-Efficient Secure Computation. In: FOCS 2000, pp. 294–304 (2000)Google Scholar
  23. 23.
    Ishai, Y., Kushilevitz, E.: Perfect Constant-Round Secure Computation via Perfect Randomizing Polynomials. In: Widmayer, P., Triguero, F., Morales, R., Hennessy, M., Eidenbenz, S., Conejo, R. (eds.) ICALP 2002. LNCS, vol. 2380, pp. 244–256. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  24. 24.
    Ishai, Y., Kushilevitz, E., Meldgaard, S., Orlandi, C., Paskin-Cherniavsky, A.: On the Power of Correlated Randomness in Secure Computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 600–620. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  25. 25.
    Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Cryptography with constant computational overhead. In: Proc. STOC 2008, pp. 433–442 (2008)Google Scholar
  26. 26.
    Kilian, J.: Founding Cryptography on Oblivious Transfer. In: Proc. STOC 1988, pp. 20–31 (1988)Google Scholar
  27. 27.
    Naor, M., Pinkas, B., Sumner, R.: Privacy Preserving Auctions and Mechanism Design. In: Proc. ACM Conference on Electronic Commerce 1999, pp. 129–139 (1999)Google Scholar
  28. 28.
    O’Neill, A.: Definitional Issues in Functional Encryption. IACR Cryptology ePrint Archive 2010: 556Google Scholar
  29. 29.
    Sahai, A., Waters, B.: Fuzzy Identity-Based Encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  30. 30.
    Yao, A.C.C.: How to Generate and Exchange Secrets. In: Proc. 27th FOCS 1986, pp. 162–167 (1986)Google Scholar

Copyright information

© International Association for Cryptologic Research 2014

Authors and Affiliations

  • Amos Beimel
    • 1
  • Ariel Gabizon
    • 2
  • Yuval Ishai
    • 2
  • Eyal Kushilevitz
    • 2
  • Sigurd Meldgaard
    • 3
  • Anat Paskin-Cherniavsky
    • 4
  1. 1.Dept. of Computer ScienceBen Gurion UniversityBeer ShevaIsrael
  2. 2.Computer Science DepartmentTechnionHaifaIsrael
  3. 3.Google AarhusDenmark
  4. 4.Computer Science Department, UCLALos AngelesUSA

Personalised recommendations