Cryptographic Asynchronous Multi-party Computation with Optimal Resilience (Extended Abstract)

We consider secure multi-party computation in the asynchronous model and present an efficient protocol with optimal resilience. For n parties, up to t < n/3 of them being corrupted, and security parameter κ, a circuit with c gates can be securely computed with communication complexity ${\mathcal O}(cn^{3}k)$ bits. In contrast to all previous asynchronous protocols with optimal resilience, our protocol requires access to an expensive broadcast primitive only ${\mathcal O}(n)$ times — independently of the size c of the circuit. This results in a practical protocol with a very low communication overhead. One major drawback of a purely asynchronous network is that the inputs of up to t honest parties cannot be considered for the evaluation of the circuit. Waiting for all inputs could take infinitely long when the missing inputs belong to corrupted parties. Our protocol can easily be extended to a hybrid model, in which we have one round of synchronicity at the end of the input stage, but are fully asynchronous afterwards. In this model, our protocol allows to evaluate the circuit on the inputs of every honest party.

[1]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[2]  R. Cramer,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000 .

[3]  Ivan Damgård,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.

[4]  Ran Canetti,et al.  Studies in secure multiparty computation and applications , 1995 .

[5]  Jacques Stern,et al.  Sharing Decryption in the Context of Voting or Lotteries , 2000, Financial Cryptography.

[6]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[7]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[8]  Jesper Buus Nielsen,et al.  A Threshold Pseudorandom Function Construction and Its Applications , 2002, CRYPTO.

[9]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[10]  Matthew K. Franklin,et al.  Joint Encryption and Message-Efficient Secure Computation , 1993, CRYPTO.

[11]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[12]  Pim Tuyls,et al.  Practical Two-Party Computation Based on the Conditional Gate , 2004, ASIACRYPT.

[13]  K. Srinathan,et al.  Asynchronous Unconditionally Secure Computation: An Efficiency Improvement , 2002, INDOCRYPT.

[14]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[15]  Samuel J. Beckett,et al.  Waiting for Godot : tragicomedy in 2 acts , 1954 .

[16]  Yehuda Lindell,et al.  Secure Computation without Agreement , 2002, DISC.

[17]  Ran Canetti,et al.  Asynchronous secure computation , 1993, STOC.

[18]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[19]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[20]  Tal Rabin,et al.  Asynchronous secure computations with optimal resilience (extended abstract) , 1994, PODC '94.

[21]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[22]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[23]  K. Srinathan,et al.  Efficient Asynchronous Secure Multiparty Distributed Computation , 2000, INDOCRYPT.