Constant-Round Asynchronous Multi-Party Computation

Secure multi-party computation (MPC) allows several mutually distrustful parties to securely compute a joint function of their inputs and exists in two main variants: In synchronous MPC parties are connected by a synchronous network with a global clock, and protocols proceed in rounds with strong delivery guarantees, whereas asynchronous MPC protocols can be deployed even in networks that deliver messages in an arbitrary order and impose arbitrary delays on them. The two models—synchronous and asynchronous—have to a large extent developed in parallel with results on both feasibility and asymptotic efficiency improvements in either track. The most notable gap in this parallel development is with respect to round complexity. In particular, although under standard assumptions on a synchronous communication network (availability of secure channels and broadcast), synchronous MPC protocols with (exact) constant rounds have been constructed, to the best of our knowledge, thus far no constant-round asynchronous MPC protocols are known, with the best protocols requiring a number of rounds that is linear in the multiplicative depth of the arithmetic circuit computing the desired function. In this work we close this gap by providing the first constant-round asynchronous MPC protocol. Our protocol is optimally resilient (i.e., it tolerates up to t < n/3 corrupted parties), adaptively secure, and makes black-box use of a pseudo-random function. It works under the standard network assumptions for protocols in the asynchronous MPC setting, namely, a complete network of point-topoint (secure) asynchronous channels with eventual delivery and asynchronous Byzantine agreement (aka consensus). We provide formal definitions of these primitives and a proof of security in the Universal Composability framework.

[1]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[2]  Tal Rabin,et al.  Asynchronous secure computations with optimal resilience (extended abstract) , 1994, PODC '94.

[3]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[4]  Martin Hirt,et al.  Asynchronous Multi-Party Computation with Quadratic Communication , 2008, ICALP.

[5]  Nancy A. Lynch,et al.  A Lower Bound for the Time to Assure Interactive Consistency , 1982, Inf. Process. Lett..

[6]  Gabriel Bracha,et al.  An asynchronous [(n - 1)/3]-resilient consensus protocol , 1984, PODC '84.

[7]  Yuval Ishai,et al.  Constant-Round Multiparty Computation Using a Black-Box Pseudorandom Generator , 2005, CRYPTO.

[8]  Moni Naor,et al.  Adaptively secure multi-party computation , 1996, STOC '96.

[9]  S. Rajsbaum Foundations of Cryptography , 2014 .

[10]  Mihir Bellare,et al.  Foundations of garbled circuits , 2012, CCS.

[11]  Silvio Micali,et al.  Optimal algorithms for Byzantine agreement , 1988, STOC '88.

[12]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[13]  Jonathan Katz,et al.  On expected constant-round protocols for Byzantine agreement , 2006, J. Comput. Syst. Sci..

[14]  J'anos Simon,et al.  Proceedings of the twentieth annual ACM symposium on Theory of computing , 1988, STOC 1988.

[15]  Yuval Ishai,et al.  Circuits resilient to additive attacks with applications to secure computation , 2014, STOC.

[16]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[17]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[18]  Ran El-Yaniv,et al.  Resilient-optimal interactive consistency in constant time , 2003, Distributed Computing.

[19]  Ran Cohen,et al.  Asynchronous Secure Multiparty Computation in Constant Time , 2016, Public Key Cryptography.

[20]  Danny Dolev,et al.  Authenticated Algorithms for Byzantine Agreement , 1983, SIAM J. Comput..

[21]  Martin Hirt,et al.  Simple and Efficient Perfectly-Secure Asynchronous MPC , 2007, ASIACRYPT.

[22]  Avi Wigderson,et al.  Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract) , 1988, STOC.

[23]  Martin Hirt,et al.  Adaptively Secure Broadcast , 2010, EUROCRYPT.

[24]  Birgit Pfitzmann,et al.  Unconditional Byzantine Agreement for any Number of Faulty Processors , 1992, STACS.

[25]  Michael Zohner,et al.  GMW vs. Yao? Efficient Secure Two-Party Computation with Low Depth Circuits , 2013, Financial Cryptography.

[26]  Ran Canetti,et al.  Studies in secure multiparty computation and applications , 1995 .

[27]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1983, PODS '83.

[28]  Victor Shoup,et al.  Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography , 2000, Journal of Cryptology.

[29]  Silvio Micali,et al.  The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.

[30]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[31]  Alex J. Malozemoff,et al.  Efficient Three-Party Computation from Cut-and-Choose , 2014, CRYPTO.

[32]  Ueli Maurer,et al.  Universally Composable Synchronous Computation , 2013, TCC.

[33]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[34]  Martin Hirt,et al.  Cryptographic Asynchronous Multi-party Computation with Optimal Resilience (Extended Abstract) , 2005, EUROCRYPT.

[35]  Ran Canetti,et al.  Asynchronous secure computation , 1993, STOC.

[36]  Ran Canetti,et al.  Fast asynchronous Byzantine agreement with optimal resilience , 1993, STOC.

[37]  Vinod Vaikuntanathan,et al.  Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE , 2012, EUROCRYPT.