Secure Message Transmission by Public Discussion: A Brief Survey

In the problem of Secure Message Transmission in the public discussion model (SMT-PD), a Sender wants to send a message to a Receiver privately and reliably. Sender and Receiver are connected by n channels, up to t < n of which may be maliciously controlled by a computationally unbounded adversary, as well as one public channel, which is reliable but not private. The SMT-PD abstraction has been shown instrumental in achieving secure multi-party computation on sparse networks, where a subset of the nodes are able to realize a broadcast functionality, which plays the role of the public channel. In this short survey paper, after formally defining the SMT-PD problem, we overview the basic constructions starting with the first, rather communication-inefficient solutions to the problem, and ending with the most efficient solutions known to-date--optimal private communication and sublinear public communication. These complexities refer to resource use for a single execution of an SMT-PD protocol. We also review the amortized complexity of the problem, which would arise in natural use-case scenarios where S and R must send several messages back and forth, where later messages depend on earlier ones.

[1]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[2]  N. Meyers,et al.  H = W. , 1964, Proceedings of the National Academy of Sciences of the United States of America.

[3]  Cynthia Dwork,et al.  Advances in Cryptology – CRYPTO 2020: 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III , 2020, Annual International Cryptology Conference.

[4]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[5]  Nigel P. Smart Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings , 2008, EUROCRYPT.

[6]  Shlomo Shamai,et al.  Information Theoretic Security , 2009, Found. Trends Commun. Inf. Theory.

[7]  Rafail Ostrovsky,et al.  Secure Message Transmission with Small Public Discussion , 2010, EUROCRYPT.

[8]  Jonathan Katz,et al.  On Expected Constant-Round Protocols for Byzantine Agreement , 2006, CRYPTO.

[9]  K. Srinathan,et al.  Optimal Perfectly Secure Message Transmission , 2004, CRYPTO.

[10]  Rafail Ostrovsky,et al.  Almost-Everywhere Secure Computation , 2008, EUROCRYPT.

[11]  Kaoru Kurosawa,et al.  Almost Secure (1-Round, n-Channel) Message Transmission Scheme , 2007, ICITS.

[12]  David Zuckerman,et al.  DETERMINISTIC EXTRACTORS FOR BIT-FIXING SOURCES AND EXPOSURE-RESILIENT CRYPTOGRAPHY , 2003 .

[13]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[14]  Henri Gilbert,et al.  Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings , 2010, EUROCRYPT.

[15]  Rafail Ostrovsky,et al.  Improved Fault Tolerance and Secure Computation on Sparse Networks , 2010, ICALP.

[16]  K. Srinathan,et al.  Unconditionally reliable and secure message transmission in undirected synchronous networks: possibility, feasibility and optimality , 2010, Int. J. Appl. Cryptogr..

[17]  Hosame Abu-Amara,et al.  Efficient Perfectly Secure Message Transmission in Synchronous Networks , 1996, Inf. Comput..

[18]  Eli Upfal,et al.  Fault tolerance in networks of bounded degree , 1986, STOC '86.

[19]  Matthias Fitzi,et al.  Towards Optimal and Efficient Perfectly Secure Message Transmission , 2007, TCC.

[20]  Piotr Berman,et al.  Fast consensus in networks of bounded degree , 2005, Distributed Computing.

[21]  K. Srinathan,et al.  On the Optimal Communication Complexity of Multiphase Protocols for Perfect Communication , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[22]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.

[23]  Gilles Brassard,et al.  Privacy Amplification by Public Discussion , 1988, SIAM J. Comput..

[24]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[25]  Eli Upfal Tolerating linear number of faults in networks of bounded degree , 1992, PODC '92.

[26]  Matthew K. Franklin,et al.  Secure Communication in Minimal Connectivity Models , 2000, Journal of Cryptology.

[27]  F. MacWilliams,et al.  The Theory of Error-Correcting Codes , 1977 .

[28]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[29]  Moti Yung,et al.  Perfectly secure message transmission , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[30]  Yoram Moses,et al.  Fully polynomial Byzantine agreement in t + 1 rounds , 1993, STOC.

[31]  Ronald Cramer,et al.  Asymptotically Optimal Two-Round Perfectly Secure Message Transmission , 2006, CRYPTO.

[32]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[33]  Juan A. Garay Partially Connected Networks: Information Theoretically Secure Protocols and Open Problems (Invited Talk) , 2008, ICITS.

[34]  Silvio Micali,et al.  An Optimal Probabilistic Protocol for Synchronous Byzantine Agreement , 1997, SIAM J. Comput..

[35]  Kaoru Kurosawa,et al.  Truly efficient 2-round perfectly secure message transmission scheme , 2009, IEEE Trans. Inf. Theory.

[36]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[37]  Matthew K. Franklin,et al.  Secure Communications in Minimal Connectivity Models , 1998, EUROCRYPT.