Incoercible multiparty computation

Current secure multiparty protocols have the following deficiency: the public transcript of the communication can be used as an involuntary commitment of the parties to their inputs and outputs. Thus parties can later be coerced by some authority to reveal their private data. Previous work that pointed out this interesting problem contained only a partial treatment. The authors present the first general treatment of the coercion problem in secure computation. They first present a general definition of protocols that provide resilience to coercion. Their definition constitutes a natural extension of the general paradigm used for defining secure multiparty protocols. They next show that if trapdoor permutations exist, then any function can be incoercibly computed (i.e., computed by a protocol that provides resilience to coercion) in the presence of computationally bounded adversaries and only public communication channels. This holds as long as fewer than half the parties are coerced (or corrupted). In particular, theirs are the first incoercible protocols without physical security assumptions. Also, the protocols constitute an alternative solution to the recently solved adaptive security problem. Their techniques are quite surprising and include non-standard use of deniable encryption.
