A Full Proof of the BGW Protocol for Perfectly Secure Multiparty Computation

Gilad Asharov; Yehuda Lindell

doi:10.1007/s00145-015-9214-4

A Full Proof of the BGW Protocol for Perfectly Secure Multiparty Computation

Department of Computer Science and Artificial Intelligence

Bar-Ilan University

Research output: Contribution to journal › Article › peer-review

Abstract

In the setting of secure multiparty computation, a set of n parties with private inputs wish to jointly compute some functionality of their inputs. One of the most fundamental results of secure computation was presented by Ben-Or, Goldwasser, and Wigderson (BGW) in 1988. They demonstrated that any n-party functionality can be computed with perfect security, in the private channels model. When the adversary is semi-honest, this holds as long as t< n/ 2 parties are corrupted, and when the adversary is malicious, this holds as long as t< n/ 3 parties are corrupted. Unfortunately, a full proof of these results was never published. In this paper, we remedy this situation and provide a full proof of security of the BGW protocol. This includes a full description of the protocol for the malicious setting, including the construction of a new subprotocol for the perfect multiplication protocol that seems necessary for the case of n/ 4 ≤ t< n/ 3.

Original language	English
Pages (from-to)	58-151
Number of pages	94
Journal	Journal of Cryptology
Volume	30
Issue number	1
DOIs	https://doi.org/10.1007/s00145-015-9214-4
State	Published - 1 Jan 2017

Keywords

BGW
Cryptographic protocols
Multiparty computation
Perfect security

ASJC Scopus subject areas

Software
Computer Science Applications
Applied Mathematics

Access to Document

10.1007/s00145-015-9214-4

Cite this

@article{b3b6de879bb9437c892f10e60fe9d2d5,

title = "A Full Proof of the BGW Protocol for Perfectly Secure Multiparty Computation",

abstract = "In the setting of secure multiparty computation, a set of n parties with private inputs wish to jointly compute some functionality of their inputs. One of the most fundamental results of secure computation was presented by Ben-Or, Goldwasser, and Wigderson (BGW) in 1988. They demonstrated that any n-party functionality can be computed with perfect security, in the private channels model. When the adversary is semi-honest, this holds as long as t< n/ 2 parties are corrupted, and when the adversary is malicious, this holds as long as t< n/ 3 parties are corrupted. Unfortunately, a full proof of these results was never published. In this paper, we remedy this situation and provide a full proof of security of the BGW protocol. This includes a full description of the protocol for the malicious setting, including the construction of a new subprotocol for the perfect multiplication protocol that seems necessary for the case of n/ 4 ≤ t< n/ 3.",

keywords = "BGW, Cryptographic protocols, Multiparty computation, Perfect security",

author = "Gilad Asharov and Yehuda Lindell",

note = "Publisher Copyright: {\textcopyright} 2015, International Association for Cryptologic Research.",

year = "2017",

month = jan,

day = "1",

doi = "10.1007/s00145-015-9214-4",

language = "الإنجليزيّة",

volume = "30",

pages = "58--151",

journal = "Journal of Cryptology",

issn = "0933-2790",

publisher = "Springer New York",

number = "1",

}

TY - JOUR

T1 - A Full Proof of the BGW Protocol for Perfectly Secure Multiparty Computation

AU - Asharov, Gilad

AU - Lindell, Yehuda

PY - 2017/1/1

Y1 - 2017/1/1

N2 - In the setting of secure multiparty computation, a set of n parties with private inputs wish to jointly compute some functionality of their inputs. One of the most fundamental results of secure computation was presented by Ben-Or, Goldwasser, and Wigderson (BGW) in 1988. They demonstrated that any n-party functionality can be computed with perfect security, in the private channels model. When the adversary is semi-honest, this holds as long as t< n/ 2 parties are corrupted, and when the adversary is malicious, this holds as long as t< n/ 3 parties are corrupted. Unfortunately, a full proof of these results was never published. In this paper, we remedy this situation and provide a full proof of security of the BGW protocol. This includes a full description of the protocol for the malicious setting, including the construction of a new subprotocol for the perfect multiplication protocol that seems necessary for the case of n/ 4 ≤ t< n/ 3.

AB - In the setting of secure multiparty computation, a set of n parties with private inputs wish to jointly compute some functionality of their inputs. One of the most fundamental results of secure computation was presented by Ben-Or, Goldwasser, and Wigderson (BGW) in 1988. They demonstrated that any n-party functionality can be computed with perfect security, in the private channels model. When the adversary is semi-honest, this holds as long as t< n/ 2 parties are corrupted, and when the adversary is malicious, this holds as long as t< n/ 3 parties are corrupted. Unfortunately, a full proof of these results was never published. In this paper, we remedy this situation and provide a full proof of security of the BGW protocol. This includes a full description of the protocol for the malicious setting, including the construction of a new subprotocol for the perfect multiplication protocol that seems necessary for the case of n/ 4 ≤ t< n/ 3.

KW - BGW

KW - Cryptographic protocols

KW - Multiparty computation

KW - Perfect security

UR - https://www.scopus.com/pages/publications/84944609700

U2 - 10.1007/s00145-015-9214-4

DO - 10.1007/s00145-015-9214-4

M3 - مقالة

SN - 0933-2790

VL - 30

SP - 58

EP - 151

JO - Journal of Cryptology

JF - Journal of Cryptology

IS - 1

ER -

A Full Proof of the BGW Protocol for Perfectly Secure Multiparty Computation

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this