TY - GEN
T1 - Efficient Perfectly Secure Computation with Optimal Resilience
AU - Abraham, Ittai
AU - Asharov, Gilad
AU - Yanai, Avishay
N1 - Publisher Copyright: © 2021, International Association for Cryptologic Research.
PY - 2021
Y1 - 2021
AB - Secure computation enables n mutually distrustful parties to compute a function over their private inputs jointly. In 1988 Ben-Or, Goldwasser, and Wigderson (BGW) demonstrated that any function can be computed with perfect security in the presence of a malicious adversary corrupting at most t < n/3 parties. After more than 30 years, protocols with perfect malicious security, with round complexity proportional to the circuit’s depth, still require sharing a total of O(n^2) values per multiplication. In contrast, only O(n) values need to be shared per multiplication to achieve semi-honest security. Indeed sharing Ω(n) values for a single multiplication seems to be the natural barrier for polynomial secret sharing-based multiplication. In this paper, we close this gap by constructing a new secure computation protocol with perfect, optimal resilience and malicious security that incurs sharing of only O(n) values per multiplication, thus, matching the semi-honest setting for protocols with round complexity that is proportional to the circuit depth. Our protocol requires a constant number of rounds per multiplication. Like BGW, it has an overall round complexity that is proportional only to the multiplicative depth of the circuit. Our improvement is obtained by a novel construction for weak VSS for polynomials of degree-2t, which incurs the same communication and round complexities as the state-of-the-art constructions for VSS for polynomials of degree-t. Our second contribution is a method for reducing the communication complexity for any depth-1 sub-circuit to be proportional only to the size of the input and output (rather than the size of the circuit). This implies protocols with sublinear communication complexity (in the size of the circuit) for perfectly secure computation for important functions like matrix multiplication.
UR - http://www.scopus.com/inward/record.url?scp=85120043636&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-90453-1_3
DO - 10.1007/978-3-030-90453-1_3
M3 - Conference contribution
SN - 9783030904524
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 66
EP - 96
BT - Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings
A2 - Nissim, Kobbi
A2 - Waters, Brent
PB - Springer Science and Business Media Deutschland GmbH
T2 - 19th International Conference on Theory of Cryptography, TCC 2021
Y2 - 8 November 2021 through 11 November 2021
ER -