Partial Fairness in Secure Two-Party Computation

A seminal result of Cleve (STOC ’86) is that complete fairness is impossible to achieve in two-party computation. In light of this, various techniques for obtaining partial fairness have been suggested in the literature. We propose a definition of partial fairness within the standard real-/ideal-world paradigm that addresses deficiencies of prior definitions. We also show broad feasibility results with respect to our definition: partial fairness is possible for any (randomized) functionality f:X ×Y →Z1 ×Z2 at least one of whose domains or ranges is polynomial in size. Our protocols are always private, and when one of the domains has polynomial size our protocols also simultaneously achieve the usual notion of security with abort. In contrast to some prior work, we rely on standard assumptions only. We also show that, as far as general feasibility is concerned, our results are optimal (with respect to our definition).

[1]  Yehuda Lindell,et al.  Complete Fairness in Secure Two-Party Computation , 2011, JACM.

[2]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[3]  Manoj Prabhakaran,et al.  Resource Fairness and Composability of Cryptographic Protocols , 2006, Journal of Cryptology.

[4]  Jonathan Katz,et al.  Complete Fairness in Multi-Party Computation Without an Honest Majority , 2009, IACR Cryptol. ePrint Arch..

[5]  Moni Naor,et al.  Timed Commitments , 2000, CRYPTO.

[6]  Leonid A. Levin,et al.  Fair Computation of General Functions in Presence of Immoral Majority , 1990, CRYPTO.

[7]  Yehuda Lindell,et al.  Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries , 2007, TCC.

[8]  Benny Pinkas,et al.  Fair Secure Two-Party Computation , 2003, EUROCRYPT.

[9]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[10]  Jonathan Katz On achieving the "best of both worlds" in secure multiparty computation , 2007, STOC '07.

[11]  Silvio Micali,et al.  How to simultaneously exchange a secret bit by flipping a symmetrically-biased coin , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[12]  Manuel Blum,et al.  How to exchange (secret) keys , 1983, TOCS.

[13]  Richard Cleve,et al.  Controlled Gradual Disclosure Schemes for Random Bits and Their Applications , 1989, CRYPTO.

[14]  Donald Beaver,et al.  Foundations of Secure Interactive Computing , 1991, CRYPTO.

[15]  Donald Beaver,et al.  Multiparty computation with faulty majority , 1989, 30th Annual Symposium on Foundations of Computer Science.

[16]  Ivan Damgård,et al.  Practical and provably secure release of a secret and exchange of signatures , 1994, Journal of Cryptology.

[17]  Matthew Franklin,et al.  Complexity and security of distributed protocols , 1994 .

[18]  Abhi Shelat,et al.  Completely fair SFE and coalition-safe cheap talk , 2004, PODC '04.

[19]  Moni Naor,et al.  Concurrent zero-knowledge , 2004, JACM.

[20]  Ivan B. Damg Practical and Provably Secure Release of a Secret and Exchange of Signatures , 1995 .

[21]  Jan Camenisch,et al.  Optimistic Fair Secure Computation , 2000, CRYPTO.

[22]  Yehuda Lindell,et al.  Session-Key Generation Using Human Passwords Only , 2001, Journal of Cryptology.

[23]  Richard Cleve,et al.  Limits on the security of coin flips when half the processors are faulty , 1986, STOC '86.

[24]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[25]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[26]  Andrew Chi-Chih Yao,et al.  How to Generate and Exchange Secrets (Extended Abstract) , 1986, FOCS.

[27]  Silvio Micali,et al.  A fair protocol for signing contracts , 1990, IEEE Trans. Inf. Theory.

[28]  Eran Omri,et al.  Protocols for Multiparty Coin Toss with Dishonest Majority , 2010, CRYPTO.

[29]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[30]  Moti Yung,et al.  Cryptographic Computation: Secure Faut-Tolerant Protocols and the Public-Key Model , 1987, CRYPTO.

[31]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.