Fast and unconditionally secure anonymous channel

In this paper we focus on sender-anonymous channels (a.k.a. Dining Cryptographers networks) and present a construction requiring a very low (constant) number of rounds of interaction while tolerating actively malicious behavior by some of the participants (fewer than half of them). Our construction is unconditionally secure (meaning that no bounds are placed on the computational power of the adversary), makes black-box use of a verifiable secret sharing (VSS) protocol, and is based on a special-purpose secure multiparty computation protocol implementing the method of "throwing darts"; its round complexity is essentially equal to that of the VSS protocol. In addition, since broadcast cannot be simulated in a point-to-point network when a third or more of the participants are corrupt, it is impossible to construct VSS (and, more generally, any other basic multiparty protocol) in this setting without using a "physical broadcast channel," and a recent line of research has sought to minimize the use of this expensive resource. Our anonymous channel protocol's reduction to VSS is broadcast-round-preserving, so it makes the fewest calls to the broadcast channel known to date while running in an overall constant number of rounds. Finally, anonymous channels play an important role in the setup phase of an authentication technique known as pseudosignatures, which may then be used to simulate authenticated Byzantine agreement protocols in the information-theoretic setting. Plugging in our anonymous channel yields a fast (and broadcast-efficient) pseudosignature construction.
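To make the underlying primitive concrete, the following toy Dining Cryptographers round is an added illustration and is not the paper's construction: it uses plain XOR-shared pairwise keys, no VSS, and no "throwing darts" mechanism. The party count, key width, message value and coalition membership are constructed sample inputs. It shows the two properties the abstract is about: the XOR of all announcements reveals the message to everyone, and a coalition of corrupt parties that sees every announcement plus all of its own keys still cannot tell which of the remaining honest parties sent it (the honest-only keys it lacks make every honest candidate equally consistent with its view). It also shows why active misbehavior matters: a single disruptor that XORs noise into its announcement silently corrupts the channel output, which is the problem that detection and VSS-based constructions address.

```python
# Toy Dining Cryptographers (DC-net) round with XOR-shared pairwise keys.
# Added illustration of the sender-anonymous channel the abstract builds on;
# it is NOT the paper's constant-round, VSS-based construction.
import secrets
from itertools import combinations


def pairwise_keys(n, nbits=8):
    """Every unordered pair (i, j) of the n parties shares one fresh random key."""
    keys = {}
    for i, j in combinations(range(n), 2):
        k = secrets.randbits(nbits)
        keys[(i, j)] = keys[(j, i)] = k
    return keys


def dc_net_round(n, keys, sender, message, disruptor=None, noise=0):
    """One DC-net slot. Party i announces the XOR of all keys it holds; the
    single sender additionally XORs in its message. An optional actively
    malicious 'disruptor' XORs arbitrary noise into its own announcement."""
    outputs = []
    for i in range(n):
        v = 0
        for j in range(n):
            if j != i:
                v ^= keys[(i, j)]
        if i == sender:
            v ^= message
        if i == disruptor:
            v ^= noise
        outputs.append(v)
    return outputs


def combine(outputs):
    """Each key appears in exactly two announcements and cancels, so the XOR
    of all announcements is the message, whoever sent it."""
    r = 0
    for o in outputs:
        r ^= o
    return r


def coalition_view(n, keys, outputs, colluders):
    """What a colluding subset learns: every announcement plus every key that
    involves a colluder. For each honest party it strips those keys off,
    leaving only keys shared among honest parties (plus the message if that
    party was the sender)."""
    honest = [i for i in range(n) if i not in colluders]
    stripped = {}
    for i in honest:
        v = outputs[i]
        for c in colluders:
            v ^= keys[(i, c)]
        stripped[i] = v
    return honest, stripped


def consistent_senders(honest, stripped, message):
    """Honest parties the coalition cannot rule out as the sender.
    Hypothesis 's sent' needs honest-only keys k_ij with
    XOR over honest j != i of k_ij == t_i, where t_i = stripped[i] ^ (message if i == s).
    With >= 2 honest parties the honest key graph is complete, so such keys
    exist iff the t_i XOR to zero; with a single honest party there are no
    honest-only keys and its t_i must be exactly zero (anonymity is gone)."""
    candidates = []
    for s in honest:
        targets = [stripped[i] ^ (message if i == s else 0) for i in honest]
        total = 0
        for t in targets:
            total ^= t
        if (len(honest) >= 2 and total == 0) or (len(honest) == 1 and targets[0] == 0):
            candidates.append(s)
    return candidates


def demo(n=5, sender=1, message=0x5A, colluders=(2, 3, 4)):
    """Constructed scenario: returns (recovered message, honest candidates
    the coalition cannot distinguish)."""
    keys = pairwise_keys(n)
    outputs = dc_net_round(n, keys, sender, message)
    honest, stripped = coalition_view(n, keys, outputs, set(colluders))
    return combine(outputs), consistent_senders(honest, stripped, message)


if __name__ == "__main__":
    print(demo())                          # (90, [0, 1]): message public, sender hidden
    print(demo(colluders=(0, 2, 3, 4)))    # (90, [1]): all-but-one corrupt, sender exposed
    k = pairwise_keys(4)
    print(combine(dc_net_round(4, k, 0, 0x5A, disruptor=3, noise=0xFF)))  # 165: output corrupted
```

Run it and vary `colluders`: as long as at least two parties are honest, `consistent_senders` returns every honest party, which is the information-theoretic anonymity guarantee of a DC-net; the disruptor case illustrates that passive anonymity alone says nothing about robustness, which is why the paper's construction layers VSS on top.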
