Verifiable Computation in Multiparty Protocols with Honest Majority

We present a generic method for turning passively secure protocols into protocols secure against covert attacks. The method adds a post-execution verification phase to the protocol that allows a misbehaving party to escape detection only with negligible probability. The execution phase, after which the computed protocol result is already available for parties, has only negligible overhead added by our method. The checks, based on linear probabilistically checkable proofs, are done in zero-knowledge, thereby preserving the privacy guarantees of the original protocol. Our method is inspired by recent results in verifiable computation, adapting them to multiparty setting and significantly lowering their computational costs for the provers.

[1]  Ivan Damgård,et al.  Publicly Auditable Secure Multi-Party Computation , 2014, SCN.

[2]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[3]  Yehuda Lindell,et al.  Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries , 2007, Journal of Cryptology.

[4]  Rafail Ostrovsky,et al.  Efficient Arguments without Short PCPs , 2007, Twenty-Second Annual IEEE Conference on Computational Complexity (CCC'07).

[5]  I. Damglurd Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation , 2006 .

[6]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[7]  Eli Ben-Sasson,et al.  SNARKs for C: Verifying Program Executions Succinctly and in Zero Knowledge , 2013, CRYPTO.

[8]  Nir Bitansky,et al.  Succinct Non-Interactive Arguments via Linear Interactive Proofs , 2013, Journal of Cryptology.

[9]  Benjamin Braun,et al.  Taking Proof-Based Verified Computation a Few Steps Closer to Practicality , 2012, USENIX Security Symposium.

[10]  Dan Bogdanov,et al.  High-performance secure multi-party computation for data mining applications , 2012, International Journal of Information Security.

[11]  Ivan Damgård,et al.  From Passive to Covert Security at Low Cost , 2010, TCC.

[12]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[13]  Nir Bitansky,et al.  Erratum: Succinct Non-interactive Arguments via Linear Interactive Proofs , 2013, TCC.

[14]  Vitaly Shmatikov,et al.  Privacy-Preserving Graph Algorithms in the Semi-honest Model , 2005, ASIACRYPT.

[15]  Craig Gentry,et al.  Quadratic Span Programs and Succinct NIZKs without PCPs , 2013, IACR Cryptol. ePrint Arch..

[16]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[17]  Octavian Catrina,et al.  Secure Multiparty Linear Programming Using Fixed-Point Arithmetic , 2010, ESORICS.

[18]  Xenofontas A. Dimitropoulos,et al.  SEPIA: Privacy-Preserving Aggregation of Multi-Domain Network Events and Statistics , 2010, USENIX Security Symposium.

[19]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[20]  Aniket Kate,et al.  Computational Verifiable Secret Sharing Revisited , 2011, ASIACRYPT.

[21]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[22]  Joe Kilian,et al.  A note on efficient zero-knowledge proofs and arguments (extended abstract) , 1992, STOC '92.

[23]  Jan Camenisch,et al.  Batch Verification of Short Signatures , 2007, Journal of Cryptology.

[24]  Dan Bogdanov,et al.  Secure multi-party data analysis: end user validation and practical experiments , 2013, IACR Cryptol. ePrint Arch..

[25]  C. Pandu Rangan,et al.  The Round Complexity of Verifiable Secret Sharing: The Statistical Case , 2010, ASIACRYPT.

[26]  Ivan Damgård,et al.  Multiparty Computation from Somewhat Homomorphic Encryption , 2012, IACR Cryptol. ePrint Arch..

[27]  Silvio Micali,et al.  CS Proofs (Extended Abstracts) , 1994, FOCS 1994.

[28]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[29]  Marcel Keller,et al.  Practical Covertly Secure MPC for Dishonest Majority - Or: Breaking the SPDZ Limits , 2013, ESORICS.

[30]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .

[31]  Dan Bogdanov,et al.  From Input Private to Universally Composable Secure Multi-party Computation Primitives , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[32]  Matthew K. Franklin,et al.  Communication-Efficient Private Protocols for Longest Common Subsequence , 2009, CT-RSA.

[33]  Sanjeev Arora,et al.  Probabilistic checking of proofs: a new characterization of NP , 1998, JACM.

[34]  Ivan Damgård,et al.  Asynchronous Multiparty Computation: Theory and Implementation , 2008, IACR Cryptol. ePrint Arch..

[35]  Craig Gentry,et al.  Pinocchio: Nearly Practical Verifiable Computation , 2013, 2013 IEEE Symposium on Security and Privacy.

[36]  Helger Lipmaa,et al.  Succinct Non-Interactive Zero Knowledge Arguments from Span Programs and Linear Error-Correcting Codes , 2013, IACR Cryptol. ePrint Arch..

[37]  Ivan Damgård,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.