Randomness versus Fault-Tolerance

Abstract. We investigate the relations between two major properties of multiparty protocols: fault tolerance (or resilience) and randomness. Fault tolerance is measured in terms of the maximum number of colluding faulty parties, t, that a protocol can withstand and still maintain the privacy of the inputs and the correctness of the outputs (of the honest parties). Randomness is measured in terms of the total number of random bits needed by the parties in order to execute the protocol. Previously, the upper bound on the amount of randomness required by general constructions for securely computing any nontrivial function f was polynomial both in n, the total number of parties, and in the circuit size C(f). This was the state of knowledge even for the special case t=1 (i.e., when there is at most one faulty party). In this paper we show that for any linear-size circuit, and for any number t < n/3 of faulty
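The two quantities the abstract measures, the collusion threshold t and the number of random bits spent, can be made concrete on the building block every protocol in this family starts from: Shamir's t-out-of-n sharing over a prime field. The following is an added example written for this page, not code from the paper. It counts the dealer's random bits per sharing, checks by exact enumeration on a tiny field that any t shares are distributed identically for every secret while t+1 shares determine it, and tallies the naive randomness bill of a semi-honest BGW-style circuit evaluation in which every party re-shares at every multiplication gate (the linear-in-n-and-C(f) count that the "polynomial" bound refers to). The prime P, the party counts, the circuit sizes and the simplified gate accounting are illustrative assumptions.

```python
"""Added example for this page (not code from the paper): Shamir t-out-of-n
sharing over a prime field with the dealer's random bits counted explicitly,
plus an exact check of the privacy/threshold boundary on a tiny field.
The prime P, party counts and circuit sizes are illustrative assumptions."""
import secrets
from collections import Counter
from itertools import product

P = 2**61 - 1  # Mersenne prime; assumption chosen for the example


def eval_poly(coeffs, x, p):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... modulo p."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def random_bits_per_sharing(t, p):
    """Randomness cost of one Shamir sharing: t uniform field elements,
    i.e. t * ceil(log2 p) bits (rejection-sampling overhead ignored)."""
    return t * (p - 1).bit_length()


def share(secret, n, t, p=P):
    """Share `secret` among parties 1..n: any t shares reveal nothing,
    any t+1 reconstruct. Returns the list of (x, f(x)) shares."""
    if not (0 <= secret < p and 0 <= t < n < p):
        raise ValueError("need 0 <= secret < p and t < n < p")
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(t)]
    return [(x, eval_poly(coeffs, x, p)) for x in range(1, n + 1)]


def reconstruct(points, p=P):
    """Lagrange interpolation at x=0 from t+1 (or more) distinct shares."""
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        secret = (secret + yi * num * pow(den, p - 2, p)) % p
    return secret


def share_distribution(secret, parties, t, p):
    """Exact joint distribution of the given parties' shares over all p**t
    dealer coin tosses (small p only). With at most t parties the result is
    identical for every secret; with t+1 parties the secret is determined,
    so the distributions for different secrets have disjoint support."""
    dist = Counter()
    for rand in product(range(p), repeat=t):
        coeffs = [secret, *rand]
        dist[tuple(eval_poly(coeffs, x, p) for x in parties)] += 1
    return dict(dist)


def naive_randomness_bits(n, t, inputs, mult_gates, p=P):
    """Rough randomness bill for a semi-honest BGW-style evaluation: each
    input is shared once, and at every multiplication gate each of the n
    parties re-shares its product share with a fresh degree-t sharing.
    Linear in n and in the circuit size. Simplified accounting (assumption):
    verifiable sharing against active faults costs more randomness."""
    sharings = inputs + n * mult_gates
    return sharings * random_bits_per_sharing(t, p)


if __name__ == "__main__":
    shares = share(12345, n=7, t=2)
    print("reconstructed from 3 of 7 shares:", reconstruct(shares[:3]))
    print("2 of 7 shares leak nothing:",
          share_distribution(0, (1, 2), 2, 5) == share_distribution(3, (1, 2), 2, 5))
    print("bits for a 1000-multiplication circuit, n=7, t=2:",
          naive_randomness_bits(7, 2, 7, 1000))
```

The enumeration in `share_distribution` is the whole privacy argument in miniature: for t parties the map from the dealer's t random coefficients to the t shares is an invertible linear map (a Vandermonde minor), so the shares are uniform whatever the secret, and the dealer cannot spend fewer than t field elements without breaking that bijection. `naive_randomness_bits` shows why the pre-existing bound grows with both n and C(f): every multiplication gate triggers n fresh sharings.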
