What Security can we Achieve in 4-Rounds?

In this paper we study the question of what security is achievable for stand-alone two-party computation in four rounds. Our starting point is the Katz-Ostrovsky lower bound [KO04], which establishes that the exact round complexity of secure two-party computation with black-box simulation is five. To get around this lower bound we consider two relaxations of the standard simulation-based security definition, each of which yields a different security guarantee. Specifically, we analyze our four-round protocols in the presence of malicious non-aborting adversaries (i.e., adversaries that do not abort prematurely), for which we obtain full simulation security, and malicious aborting adversaries, for which we obtain 1/p security (meaning that the simulation fails with probability at most 1/p + negl), while guaranteeing full privacy against both parties. We realize the coin-tossing and oblivious transfer functionalities under these relaxations, and present protocols with different security guarantees. We also give a tight characterization of when 1/p security is achievable where full privacy is expected.

[1] Rafail Ostrovsky et al. Round-Optimal Secure Two-Party Computation, 2004, CRYPTO.

[2] Ran Canetti et al. Security and Composition of Multiparty Cryptographic Protocols, 2000, Journal of Cryptology.

[3] Moni Naor et al. Efficient oblivious transfer protocols, 2001, SODA '01.

[4] Salil P. Vadhan et al. Derandomization in Cryptography, 2003, SIAM J. Comput.

[5] Adi Shamir et al. Witness indistinguishable and witness hiding protocols, 1990, STOC '90.

[6] Richard Cleve et al. Limits on the security of coin flips when half the processors are faulty, 1986, STOC '86.

[7] Rafail Ostrovsky et al. 4-Round Resettably-Sound Zero Knowledge, 2014, TCC.

[8] Yehuda Lindell et al. Lower bounds for non-black-box zero knowledge, 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, Proceedings.

[9] Oded Goldreich et al. The Foundations of Cryptography - Volume 2: Basic Applications, 2001.

[10] Adi Shamir et al. How to share a secret, 1979, CACM.

[11] Yehuda Lindell et al. Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries, 2007, Journal of Cryptology.

[12] Charanjit S. Jutla. Upending Stock Market Structure Using Secure Multi-Party Computation, 2015, IACR Cryptol. ePrint Arch.

[13] Andrew Chi-Chih Yao et al. Theory and Applications of Trapdoor Functions (Extended Abstract), 1982, FOCS.

[14] Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms, 1984, IEEE Trans. Inf. Theory.

[15] Marcin Andrychowicz et al. Secure Multiparty Computations on Bitcoin, 2014, IEEE Symposium on Security and Privacy.

[16] Amit Sahai et al. New notions of security: achieving universal composability without trusted setup, 2004, STOC '04.

[17] Marcin Andrychowicz et al. Fair Two-Party Computations via Bitcoin Deposits, 2014, Financial Cryptography Workshops.

[18] Iddo Bentov et al. How to Use Bitcoin to Design Fair Protocols, 2014, CRYPTO.

[19] Oded Goldreich et al. Definitions and properties of zero-knowledge proof systems, 1994, Journal of Cryptology.

[20] Rafail Ostrovsky et al. Round-Optimal Black-Box Two-Party Computation, 2015, CRYPTO.

[21] Rafail Ostrovsky et al. Non-interactive Zaps and New Techniques for NIZK, 2006, CRYPTO.

[22] Oded Goldreich et al. A randomized protocol for signing contracts, 1985, CACM.

[23] Rafail Ostrovsky et al. Efficient Non-interactive Secure Computation, 2011, EUROCRYPT.

[24] Moni Naor et al. An Optimally Fair Coin Toss, 2015, Journal of Cryptology.

[25] Yael Tauman Kalai et al. Smooth Projective Hashing and Two-Message Oblivious Transfer, 2005, Journal of Cryptology.

[26] Manuel Blum et al. How to Prove a Theorem So No One Else Can Claim It, 2010.

[27] Andrew Chi-Chih Yao et al. How to Generate and Exchange Secrets (Extended Abstract), 1986, FOCS.

[28] N. Asokan et al. Optimistic fair exchange of digital signatures, 1998, IEEE Journal on Selected Areas in Communications.

[29] Andrew Chi-Chih Yao et al. Theory and application of trapdoor functions, 1982, 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982).

[30] Marc Fischlin et al. Trapdoor commitment schemes and their applications, 2001.

[31] Silvio Micali et al. Simple and fast optimistic protocols for fair electronic exchange, 2003, PODC '03.

[32] Donald Beaver et al. Foundations of Secure Interactive Computing, 1991, CRYPTO.

[33] Hugo Krawczyk et al. On the Composition of Zero-Knowledge Proof Systems, 1990, ICALP.

[34] Torben P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing, 1991, CRYPTO.

[35] Ivan Damgård et al. Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols, 1994, CRYPTO.

[36] Rafael Pass et al. Simulation in Quasi-Polynomial Time, and Its Application to Protocol Composition, 2003, EUROCRYPT.

[37] Silvio Micali et al. Input-Indistinguishable Computation, 2006, 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).

[38] Rafail Ostrovsky et al. Zero-Knowledge Proofs from Secure Multiparty Computation, 2009, SIAM J. Comput.

[39] Yehuda Lindell et al. Black-Box Constructions of Protocols for Secure Computation, 2011, IACR Cryptol. ePrint Arch.

[40] Iftach Haitner et al. Semi-honest to Malicious Oblivious Transfer - The Black-Box Way, 2008, TCC.

[41] Leonid A. Levin et al. A hard-core predicate for all one-way functions, 1989, STOC '89.

[42] Silvio Micali et al. Secure Computation (Abstract), 1991, CRYPTO.

[43] Amit Sahai et al. How to play almost any mental game over the net - concurrent composition via super-polynomial simulation, 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[44] Moni Naor et al. Zaps and their applications, 2000, Proceedings of the 41st Annual Symposium on Foundations of Computer Science.

[45] Jonathan Katz et al. Partial Fairness in Secure Two-Party Computation, 2010, Journal of Cryptology.

[46] Jonathan Katz et al. Which Languages Have 4-Round Zero-Knowledge Proofs?, 2008, Journal of Cryptology.

[47] Silvio Micali et al. The knowledge complexity of interactive proof-systems, 1985, STOC '85.

[48] Jonathan Katz et al. Universally-Composable Two-Party Computation in Two Rounds, 2007, CRYPTO.

[49] David Chaum et al. An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations, 1987, EUROCRYPT.

[50] Yehuda Lindell et al. Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation, 2001, Journal of Cryptology.

[51] Brent Waters et al. A Framework for Efficient and Composable Oblivious Transfer, 2008, CRYPTO.

[52] Ivan Damgård et al. Secure Two-Party Computation with Low Communication, 2012, IACR Cryptol. ePrint Arch.

[53] Anat Paskin-Cherniavsky et al. Secure Computation with Minimal Interaction, Revisited, 2015, CRYPTO.