Secure Protocol Transformations
In the rich literature of secure multi-party computation (MPC), several important results rely on “protocol transformations,” whereby protocols from one model of MPC are transformed to protocols from another model. Motivated by the goal of simplifying and unifying results in the area of MPC, we formalize a general notion of black-box protocol transformations that captures previous transformations from the literature as special cases, and present several new transformations. We motivate our study of protocol transformations by presenting the following applications.
- Simplifying feasibility results:
  - Easily rederive a result in Goldreich’s book (2004), on MPC with full security in the presence of an honest majority, from an earlier result in the book, on MPC that offers “security with abort.”
  - Rederive the classical result of Rabin and Ben-Or (1989) by applying a transformation to the simpler protocols of Ben-Or et al. or Chaum et al. (1988).
- Efficiency improvements:
  - The first “constant-rate” MPC protocol for a constant number of parties that offers full information-theoretic security with an optimal threshold, improving over the protocol of Rabin and Ben-Or.
  - A fully secure MPC protocol with optimal threshold that improves over a previous protocol of Ben-Sasson et al. (2012) in the case of “deep and narrow” computations.
  - A fully secure MPC protocol with near-optimal threshold that improves over a previous protocol of Damgård et al. (2010) by improving the dependence on the security parameter from linear to polylogarithmic.
  - An efficient new transformation from passive-secure two-party computation in the OT-hybrid and OLE-hybrid model to zero-knowledge proofs, improving over a recent similar transformation of Hazay and Venkitasubramaniam (2016) for the case of static zero-knowledge, which is restricted to the OT-hybrid model and requires a large number of commitments.
Finally, we prove the impossibility of two simple types of black-box protocol transformations, including an unconditional variant of a previous negative result of Rosulek (2012) that relied on the existence of one-way functions.
Keywords: Protocol Transformation, Message Authentication Code, Broadcast Channel, Honest Party, Probabilistic Polynomial Time
This research was done in part while the authors were visiting the Simons Institute for the Theory of Computing, supported by the Simons Foundation and by the DIMACS/Simons Collaboration in Cryptography through NSF grant #CNS-15-23467. The individual authors were supported during this work by the following grants: ISF grant 1709/14, BSF grant 2012378, ERC starting grant 259426, a DARPA/ARL SAFEWARE award, NSF Frontier Award 14-13955, NSF grants 12-28856, 12-28984, 11-36174, 11-18096, and 10-65276, a Xerox Faculty Research Award, a Google Faculty Research Award, an equipment grant from Intel, and an Okawa Foundation Research Grant. This material is in part based upon work supported by the Defense Advanced Research Projects Agency through the ARL under Contract W911NF-15-C-0205. The views expressed are those of the authors and do not reflect the official policy or position of the Department of Defense, the National Science Foundation, or the U.S. Government.
- 1. Proceedings of the 20th STOC. ACM (1988)
- 3. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th STOC, pp. 1–10. ACM (1988)
- 7. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: Proceedings of the 20th STOC, pp. 11–19. ACM (1988)
- 9. Cleve, R.: Limits on the security of coin flips when half the processors are faulty (extended abstract). In: STOC, pp. 364–369. ACM (1986)
- 14. Genkin, D., Ishai, Y., Prabhakaran, M.M., Sahai, A., Tromer, E.: Circuits resilient to additive attacks with applications to secure multiparty computation. In: Proceedings of the 46th Annual Symposium on the Theory of Computing (STOC) (2014)
- 16. Goldreich, O., Micali, S., Wigderson, A.: How to play ANY mental game. In: Proceedings of the 19th STOC, pp. 218–229. ACM (1987). See [14, Chap. 7] for more details
- 17. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems. In: Proceedings of the 17th STOC, pp. 291–304. ACM (1985)
- 18. Hazay, C., Venkitasubramaniam, M.: On the power of secure two-party computation. Cryptology ePrint Archive, Report 2016/074 (2016). http://eprint.iacr.org/2016/074. To appear in Proceedings of CRYPTO 2016
- 20. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: STOC, pp. 21–30. ACM (2007)
- 24. Jawurek, M., Kerschbaum, F., Orlandi, C.: Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently. In: 2013 ACM SIGSAC Conference on Computer and Communications Security (CCS 2013), Berlin, Germany, 4–8 November 2013, pp. 955–966 (2013)
- 25. Kilian, J.: Founding cryptography on oblivious transfer. In: STOC, pp. 20–31. ACM (1988)
- 26. Perry, J., Gupta, D., Feigenbaum, J., Wright, R.N.: Systematizing secure computation for research and decision support. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 380–397. Springer, Heidelberg (2014)
- 27. Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: Proceedings of the 21st STOC, pp. 73–85. ACM (1989)
- 30. Shamir, A., Rivest, R.L., Adleman, L.M.: Mental poker. Technical report LCS/TR-125, Massachusetts Institute of Technology, April 1979
- 31. Yao, A.C.: Protocols for secure computation. In: Proceedings of the 23rd FOCS, pp. 160–164. IEEE (1982)
- 32. Yao, A.C.: How to generate and exchange secrets. In: Proceedings of the 27th FOCS, pp. 162–167. IEEE (1986)