TY - GEN
T1 - A little honesty goes a long way
T2 - 12th Theory of Cryptography Conference, TCC 2015
AU - Garay, Juan A.
AU - Gelles, Ran
AU - Johnson, David S.
AU - Kiayias, Aggelos
AU - Yung, Moti
N1 - Publisher Copyright: © International Association for Cryptologic Research 2015.
PY - 2015
Y1 - 2015
N2 - Afundamental result in securemultiparty computation (MPC) is that in order to achieve full security, it is necessary that amajority of the partiesbehave honestly.There are settings, however,where the condition of an honest majority might be overly restrictive, and there is a need to define and investigate other plausible adversarial models in order to circumvent the above impossibility. To this end, we introduce the two-tier model for MPC, where some small subset of servers is guaranteed to be honest at the beginning of the computation (the first tier), while the corruption state of the other servers (the second tier) is unknown. The two-tier model naturally arises in various settings, such as for example when a service provider wishes to utilize a large pre-existing set of servers, while being able to trust only a small fraction of them. The first tier is responsible for performing the secure computation while the second tier serves as a disguise: using novel anonymization techniques, servers in the first tier remain undetected to an adaptive adversary, preventing a targeted attack on these critical servers. Specifically, given n servers and assuming αn of them are corrupt at the onset (where α ∈ (0, 1)), we present an MPC protocol that can withstand an optimal amount of less than (1−α)n/2 additional adaptive corruptions, provided the first tier is of size ω(log n). This allows us to perform MPC in a fully secure manner even when the total number of corruptions exceeds n/2 across both tiers, thus evading the honest majority requirement.
AB - Afundamental result in securemultiparty computation (MPC) is that in order to achieve full security, it is necessary that amajority of the partiesbehave honestly.There are settings, however,where the condition of an honest majority might be overly restrictive, and there is a need to define and investigate other plausible adversarial models in order to circumvent the above impossibility. To this end, we introduce the two-tier model for MPC, where some small subset of servers is guaranteed to be honest at the beginning of the computation (the first tier), while the corruption state of the other servers (the second tier) is unknown. The two-tier model naturally arises in various settings, such as for example when a service provider wishes to utilize a large pre-existing set of servers, while being able to trust only a small fraction of them. The first tier is responsible for performing the secure computation while the second tier serves as a disguise: using novel anonymization techniques, servers in the first tier remain undetected to an adaptive adversary, preventing a targeted attack on these critical servers. Specifically, given n servers and assuming αn of them are corrupt at the onset (where α ∈ (0, 1)), we present an MPC protocol that can withstand an optimal amount of less than (1−α)n/2 additional adaptive corruptions, provided the first tier is of size ω(log n). This allows us to perform MPC in a fully secure manner even when the total number of corruptions exceeds n/2 across both tiers, thus evading the honest majority requirement.
UR - http://www.scopus.com/inward/record.url?scp=84924657046&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-46494-6_7
DO - 10.1007/978-3-662-46494-6_7
M3 - منشور من مؤتمر
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 134
EP - 158
BT - Theory of Cryptography - 12th Theory of Cryptography Conference, TCC 2015, Proceedings
A2 - Dodis, Yevgeniy
A2 - Nielsen, Jesper Buus
PB - Springer Verlag
Y2 - 23 March 2015 through 25 March 2015
ER -