Multiparty Reusable Non-interactive Secure Computation from LWE

Fabrice Benhamouda, Aayush Jain, Ilan Komargodski, Huijia Lin

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Motivated by the goal of designing versatile and flexible secure computation protocols that at the same time require as little interaction as possible, we present new multiparty reusable Non-Interactive Secure Computation (mrNISC) protocols. This notion, recently introduced by Benhamouda and Lin (TCC 2020), is essentially two-round Multi-Party Computation (MPC) protocols where the first round of messages serves as a reusable commitment to the private inputs of participating parties. Using these commitments, any subset of parties can later compute any function of their choice on their respective inputs by just sending a single message to a stateless evaluator, conveying the result of the computation but nothing else. Importantly, the input commitments can be computed without knowing anything about other participating parties (neither their identities nor their number) and they are reusable across any number of desired computations. We give a construction of mrNISC that achieves standard simulation security, as classical multi-round MPC protocols achieve. Our construction relies on the Learning With Errors (LWE) assumption with polynomial modulus, and on the existence of a pseudorandom function (PRF) in NC1. We achieve semi-malicious security in the plain model and malicious security by further relying on trusted setup (which is unavoidable for mrNISC). In comparison, the only previously known constructions of mrNISC were either using bilinear maps or using strong primitives such as program obfuscation. We use our mrNISC to obtain new Multi-Key FHE (MKFHE) schemes with threshold decryption: In the CRS model, we obtain threshold MKFHE for NC 1 based on LWE with only polynomial modulus and PRFs in NC1, whereas all previous constructions rely on LWE with super-polynomial modulus-to-noise ratio.In the plain model, we obtain threshold levelled MKFHE for P based on LsWE with polynomial modulus, PRF in NC 1, and NTRU, and another scheme for constant number of parties from LWE with sub-exponential modulus-to-noise ratio. The only known prior construction of threshold MKFHE (Ananth et al., TCC 2020) in the plain model restricts the set of parties who can compute together at the onset.

Original languageAmerican English
Title of host publicationAdvances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
EditorsAnne Canteaut, François-Xavier Standaert
PublisherSpringer Science and Business Media Deutschland GmbH
Number of pages30
ISBN (Print)9783030778859
StatePublished - 2021
Event40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2021 - Zagreb, Croatia
Duration: 17 Oct 202121 Oct 2021

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12697 LNCS


Conference40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2021

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Multiparty Reusable Non-interactive Secure Computation from LWE'. Together they form a unique fingerprint.

Cite this