TY - GEN
T1 - A full characterization of functions that imply fair coin tossing and ramifications to fairness
AU - Asharov, Gilad
AU - Lindell, Yehuda
AU - Rabin, Tal
N1 - Funding Information: The first two authors were funded by the European Research Council under the European Union’s Seventh Framework Programme (FP/2007-2013) / ERC Grant Agreement n. 239868, and by the israel science foundation (grant No. 189/11). Much of this work was carried out while they were at the IBM T.J. Watson Research Center, New York.
PY - 2013
Y1 - 2013
N2 - It is well known that it is impossible for two parties to toss a coin fairly (Cleve, STOC 1986). This result implies that it is impossible to securely compute with fairness any function that can be used to toss a fair coin. In this paper, we focus on the class of deterministic Boolean functions with finite domain, and we ask for which functions in this class is it possible to information-theoretically toss an unbiased coin, given a protocol for securely computing the function with fairness. We provide a complete characterization of the functions in this class that imply and do not imply fair coin tossing. This characterization extends our knowledge of which functions cannot be securely computed with fairness. In addition, it provides a focus as to which functions may potentially be securely computed with fairness, since a function that cannot be used to fairly toss a coin is not ruled out by the impossibility result of Cleve (which is the only known impossibility result for fairness). In addition to the above, we draw corollaries to the feasibility of achieving fairness in two possible fail-stop models.
AB - It is well known that it is impossible for two parties to toss a coin fairly (Cleve, STOC 1986). This result implies that it is impossible to securely compute with fairness any function that can be used to toss a fair coin. In this paper, we focus on the class of deterministic Boolean functions with finite domain, and we ask for which functions in this class is it possible to information-theoretically toss an unbiased coin, given a protocol for securely computing the function with fairness. We provide a complete characterization of the functions in this class that imply and do not imply fair coin tossing. This characterization extends our knowledge of which functions cannot be securely computed with fairness. In addition, it provides a focus as to which functions may potentially be securely computed with fairness, since a function that cannot be used to fairly toss a coin is not ruled out by the impossibility result of Cleve (which is the only known impossibility result for fairness). In addition to the above, we draw corollaries to the feasibility of achieving fairness in two possible fail-stop models.
UR - http://www.scopus.com/inward/record.url?scp=84873977107&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-36594-2_14
DO - 10.1007/978-3-642-36594-2_14
M3 - منشور من مؤتمر
SN - 9783642365935
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 243
EP - 262
BT - Theory of Cryptography - 10th Theory of Cryptography Conference, TCC 2013, Proceedings
T2 - 10th Theory of Cryptography Conference, TCC 2013
Y2 - 3 March 2013 through 6 March 2013
ER -