On the Computational Overhead of MPC with Dishonest Majority

  • Jesper Buus Nielsen
  • Samuel RanellucciEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10175)


We consider the situation where a large number n of players want to securely compute a large function f with security against an adaptive, malicious adversary which might corrupt \(t < c n\) of the parties for some given \(c \in [0,1)\). In other words, only some arbitrarily small constant fraction of the parties are assumed to be honest. For any fixed c, we consider the asymptotic complexity as n and the size of f grows. We are in particular interested in the computational overhead, defined as the total computational complexity of all parties divided by the size of f. We show that it is possible to achieve poly-logarithmic computational overhead for all \(c < 1\). Prior to our result it was only known how to get poly-logarithmic overhead for \(c < \frac{1}{2}\). We therefore significantly extend the area where we can do secure multiparty computation with poly-logarithmic overhead. Since we allow that more than half the parties are corrupted, we can only get security with abort, i.e., the adversary might make the protocol abort before all parties learn their outputs. We can, however, for all c make a protocol for which there exists \(d > 0\) such that if at most dn parties are actually corrupted in a given execution, then the protocol will not abort. Our result is solely of theoretical interest. In its current form, it has not practical implications whatsoever.


Secret Share Secret Share Scheme Ideal Functionality Expander Graph Virtual Server 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



This work is supported by European Research Council Starting Grant 279447. Samuel Ranellucci is supported by NSF grants #1564088 and #1563722. This work is partially supported by the H2020-LEIT-ICT project SODA, project number 731583. The authors would also like to thank the anonymous reviewers for their valuable comments and suggestions. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.


  1. [BCP15]
    Boyle, E., Chung, K.-M., Pass, R.: Large-scale secure computation: multi-party computation for (Parallel) RAM programs. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 742–762. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-48000-7_36 CrossRefGoogle Scholar
  2. [Bra87]
    Bracha, G.: An o (log n) expected rounds randomized byzantine generals protocol. J. ACM (JACM) 34(4), 910–920 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  3. [BSFO12]
    Ben-Sasson, E., Fehr, S., Ostrovsky, R.: Near-linear unconditionally-secure multiparty computation with a dishonest minority. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 663–680. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32009-5_39 CrossRefGoogle Scholar
  4. [CDD+15]
    Cramer, R., Damgård, I.B., Döttling, N., Fehr, S., Spini, G.: Linear secret sharing schemes from error correcting codes and universal hash functions. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 313–336. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46803-6_11 Google Scholar
  5. [CDI+13]
    Cohen, G., Damgård, I.B., Ishai, Y., Kölker, J., Miltersen, P.B., Raz, R., Rothblum, R.D.: Efficient multiparty protocols via log-depth threshold formulae. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 185–202. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40084-1_11 CrossRefGoogle Scholar
  6. [CPS14]
    Choudhury, A., Patra, A., Smart, N.P.: Reducing the overhead of MPC over a large population. In: Abdalla, M., Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 197–217. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-10879-7_12 Google Scholar
  7. [DIK+08]
    Damgård, I., Ishai, Y., Krøigaard, M., Nielsen, J.B., Smith, A.: Scalable multiparty computation with nearly optimal work and resilience. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 241–261. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-85174-5_14 CrossRefGoogle Scholar
  8. [DIK10]
    Damgård, I., Ishai, Y., Krøigaard, M.: Perfectly secure multiparty computation and the computational overhead of cryptography. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 445–465. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-13190-5_23 CrossRefGoogle Scholar
  9. [DKL+13]
    Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical covertly secure MPC for dishonest majority – or: breaking the SPDZ limits. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 1–18. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40203-6_1 CrossRefGoogle Scholar
  10. [DPSZ12]
    Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32009-5_38 CrossRefGoogle Scholar
  11. [DS83]
    Dolev, D., Strong, H.R.: Authenticated algorithms for byzantine agreement. SIAM J. Comput. 12(4), 656–666 (1983)MathSciNetCrossRefzbMATHGoogle Scholar
  12. [DZ13]
    Damgård, I., Zakarias, S.: Constant-overhead secure computation of boolean circuits using preprocessing. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 621–641. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36594-2_35 CrossRefGoogle Scholar
  13. [GWZ09]
    Garay, J.A., Wichs, D., Zhou, H.-S.: Somewhat non-committing encryption and efficient adaptively secure oblivious transfer. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 505–523. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-03356-8_30 CrossRefGoogle Scholar
  14. [HM00]
    Hirt, M., Maurer, U.: Player simulation and general adversary structures in perfect multiparty computation. J. Cryptol. 13(1), 31–60 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  15. [HMP00]
    Hirt, M., Maurer, U., Przydatek, B.: Efficient secure multi-party computation. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 143–161. Springer, Heidelberg (2000). doi: 10.1007/3-540-44448-3_12 CrossRefGoogle Scholar
  16. [IKOS07]
    Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: Johnson, D.S., Feige, U. (eds.) Proceedings of the 39th Annual ACM Symposium on Theory of Computing, San Diego, California, USA, 11–13 June, pp. 21–30. ACM (2007)Google Scholar
  17. [IKP+16]
    Ishai, Y., Kushilevitz, E., Prabhakaran, M., Sahai, A., Yu, C.-H.: Secure protocol transformations. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 430–458. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-53008-5_15 CrossRefGoogle Scholar
  18. [IPS08]
    Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer – efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-85174-5_32 CrossRefGoogle Scholar
  19. [KMTZ13]
    Katz, J., Maurer, U., Tackmann, B., Zikas, V.: Universally composable synchronous computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 477–498. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36594-2_27 CrossRefGoogle Scholar
  20. [PW92]
    Pfitzmann, B., Waidner, M.: Unconditional byzantine agreement for any number of faulty processors. In: Finkel, A., Jantzen, M. (eds.) STACS 1992. LNCS, vol. 577, pp. 337–350. Springer, Heidelberg (1992). doi: 10.1007/3-540-55210-3_195 CrossRefGoogle Scholar
  21. [SS96]
    Sipser, M., Spielman, D.A.: Expander codes. IEEE Trans. Inf. Theory 42(6), 1710–1722 (1996)MathSciNetCrossRefzbMATHGoogle Scholar
  22. [WC81]
    Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  1. 1.Department of Computer ScienceAarhus UniversityAarhusDenmark
  2. 2.Department of Computer ScienceGeorge Mason UniversityVirginiaUSA
  3. 3.Department of Computer ScienceUniversity of MarylandMarylandUSA

Personalised recommendations