TY - GEN
T1 - Round-Optimal Honest-Majority MPC in Minicrypt and with Everlasting Security
T2 - 20th Theory of Cryptography Conference, TCC 2022
AU - Applebaum, Benny
AU - Kachlon, Eliran
AU - Patra, Arpita
N1 - Publisher Copyright: © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2022
Y1 - 2022
N2 - We study the round complexity of secure multiparty computation (MPC) in the challenging model where full security, including guaranteed output delivery, should be achieved in the presence of an active rushing adversary who corrupts up to half of the parties. It is known that 2 rounds are insufficient in this model (Gennaro et al. Crypto 2002), and that 3-round protocols can achieve computational security under public-key assumptions (Gordon et al. Crypto 2015; Ananth et al. Crypto 2018; and Badrinarayanan et al. Asiacrypt 2020). However, despite much effort, it is unknown whether public-key assumptions are inherently needed for such protocols, and whether one can achieve similar results with security against computationally unbounded adversaries. In this paper, we use Minicrypt-type assumptions to realize 3-round MPC with full and active security. Our protocols come in two flavors: for a small (logarithmic) number of parties n, we achieve an optimal resiliency threshold of t ≤ ⌊(n - 1)/2⌋, and for a large (polynomial) number of parties we achieve an almost-optimal resiliency threshold of t ≤ 0.5n(1 - ϵ) for an arbitrarily small constant ϵ > 0. Both protocols can be based on sub-exponentially hard injective one-way functions in the plain model. If the parties have access to a collision-resistant hash function, we can derive statistical everlasting security for every NC1 functionality, i.e., the protocol is secure against adversaries that are computationally bounded during the execution of the protocol and become computationally unlimited after the protocol execution. As a secondary contribution, we show that in the strong honest-majority setting (t < n/3), every NC1 functionality can be computed in 3 rounds with everlasting security and complexity polynomial in n based on one-way functions. Previously, such a result was only known based on collision-resistant hash functions.
UR - http://www.scopus.com/inward/record.url?scp=85146653292&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-22365-5_4
DO - 10.1007/978-3-031-22365-5_4
M3 - Conference contribution
SN - 9783031223648
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 103
EP - 120
BT - Theory of Cryptography - 20th International Conference, TCC 2022, Proceedings
A2 - Kiltz, Eike
A2 - Vaikuntanathan, Vinod
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 7 November 2022 through 10 November 2022
ER -