Fast Secure Computation for Small Population over the Internet

Secure Multi-Party Computation (MPC) with small number of parties is an interesting area of research, primarily due to its ability to model most real-life MPC applications and the simplicity and efficiency of the resulting protocols. In this work, we present efficient, constant-round 3-party (3PC) and 4-party (4PC) protocols in the honest-majority setting that achieve strong security notions of fairness (corrupted parties receive their output only if all honest parties receive output) and guaranteed output delivery (corrupted parties cannot prevent honest parties from receiving their output). Being constant-round, our constructions are suitable for Internet-like high-latency networks and are built from garbled circuits (GC). Assuming the minimal model of pairwise-private channels, we present two protocols that involve computation and communication of a single GC-- (a) a 4-round 3PC with fairness, (b) a 5-round 4PC with guaranteed output delivery. Empirically, our protocols are on par with the best known 3PC protocol of Mohassel et al. [CCS 2015] that only achieves security with selective abort, in terms of the computation time, LAN runtime, WAN runtime and communication cost. In fact, our 4PC outperforms the 3PC of Mohassel et al. significantly in terms of per-party computation and communication cost. With an extra GC, we improve the round complexity of our 4PC to four rounds. The only 4PC in our setting, given by Ishai et al. [CRYPTO 2015], involves 12 GCs. Assuming an additional broadcast channel, we present a 5-round 3PC with guaranteed output delivery that involves computation and communication of a single GC. A broadcast channel is inevitable in this setting for achieving guaranteed output delivery, owing to an impossibility result in the literature. The overall broadcast communication of our protocol is nominal and most importantly, is independent of the circuit size. This protocol too induces a nominal overhead compared to the protocol of Mohassel et al.

[1]  Yehuda Lindell,et al.  DEMO: High-Throughput Secure Three-Party Computation of Kerberos Ticket Generation , 2016, CCS.

[2]  Silvio Micali,et al.  The round complexity of secure protocols , 1990, STOC '90.

[3]  Mihir Bellare,et al.  Foundations of garbled circuits , 2012, CCS.

[4]  Mitsuru Ito,et al.  Secret sharing scheme realizing general access structure , 1989 .

[5]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[6]  Yuval Ishai,et al.  Founding Cryptography on Oblivious Transfer - Efficiently , 2008, CRYPTO.

[7]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 1: Basic Techniques , 2001 .

[8]  Oded Goldreich,et al.  Foundations of Cryptography: List of Figures , 2001 .

[9]  Xiao Wang,et al.  Secure Computation with Low Communication from Cross-checking , 2018, IACR Cryptol. ePrint Arch..

[10]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[11]  Frederik Vercauteren,et al.  PICS: Private Image Classification with SVM , 2017, IACR Cryptol. ePrint Arch..

[12]  Yuval Ishai,et al.  Share Conversion, Pseudorandom Secret-Sharing and Applications to Secure Computation , 2005, TCC.

[13]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[14]  Alex J. Malozemoff,et al.  Efficient Three-Party Computation from Cut-and-Choose , 2014, CRYPTO.

[15]  Ivan Damgård,et al.  Multiparty Computation for Dishonest Majority: from Passive to Active Security at Low Cost , 2010, IACR Cryptol. ePrint Arch..

[16]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[17]  Ivan Damgård,et al.  Secure Multiparty Computation Goes Live , 2009, Financial Cryptography.

[18]  Avi Wigderson,et al.  Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract) , 1988, STOC.

[19]  Yehuda Lindell,et al.  High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority , 2016, IACR Cryptol. ePrint Arch..

[20]  Vinod Vaikuntanathan,et al.  Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE , 2012, EUROCRYPT.

[21]  Yehuda Lindell Fast Cut-and-Choose Based Protocols for Malicious and Covert Adversaries , 2013, CRYPTO.

[22]  Eran Omri,et al.  Optimizing Semi-Honest Secure Multiparty Computation for the Internet , 2016, IACR Cryptol. ePrint Arch..

[23]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[24]  Frederik Vercauteren,et al.  EPIC: Efficient Private Image Classification (or: Learning from the Masters) , 2019, CT-RSA.

[25]  Donald Beaver,et al.  Efficient Multiparty Protocols Using Circuit Randomization , 1991, CRYPTO.

[26]  Dan Bogdanov,et al.  Sharemind: A Framework for Fast Privacy-Preserving Computations , 2008, ESORICS.

[27]  Ivan Damgård,et al.  Semi-Homomorphic Encryption and Multiparty Computation , 2011, IACR Cryptol. ePrint Arch..

[28]  Ivan Damgård,et al.  Multiparty Computation from Somewhat Homomorphic Encryption , 2012, IACR Cryptol. ePrint Arch..

[29]  Yehuda Lindell,et al.  Efficient Constant Round Multi-Party Computation Combining BMR and SPDZ , 2015, IACR Cryptol. ePrint Arch..

[30]  Martin Hirt,et al.  Perfectly-Secure MPC with Linear Communication Complexity , 2008, TCC.

[31]  Dan Bogdanov,et al.  Deploying Secure Multi-Party Computation for Financial Data Analysis - (Short Paper) , 2012, Financial Cryptography.

[32]  Yehuda Lindell,et al.  Efficient Constant-Round Multi-party Computation Combining BMR and SPDZ , 2019, Journal of Cryptology.

[33]  Yehuda Lindell,et al.  Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer , 2010, IACR Cryptol. ePrint Arch..

[34]  David Evans,et al.  Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates , 2015, EUROCRYPT.

[35]  Craig Gentry,et al.  Two-Round Secure MPC from Indistinguishability Obfuscation , 2014, TCC.

[36]  Richard Cleve,et al.  Limits on the security of coin flips when half the processors are faulty , 1986, STOC '86.

[37]  Yehuda Lindell,et al.  How To Simulate It - A Tutorial on the Simulation Proof Technique , 2016, IACR Cryptol. ePrint Arch..

[38]  Eran Omri,et al.  Concrete Efficiency Improvements for Multiparty Garbling with an Honest Majority , 2017, LATINCRYPT.

[39]  Rafail Ostrovsky,et al.  Non-interactive and non-malleable commitment , 1998, STOC '98.

[40]  Yehuda Lindell,et al.  High-Throughput Secure Three-Party Computation for Malicious Adversaries and an Honest Majority , 2017, IACR Cryptol. ePrint Arch..

[41]  David Chaum,et al.  Multiparty Computations Ensuring Privacy of Each Party's Input and Correctness of the Result , 1987, CRYPTO.

[42]  Juan A. Garay,et al.  Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case , 2017, IACR Cryptol. ePrint Arch..

[43]  Rafail Ostrovsky,et al.  Near-Linear Unconditionally-Secure Multiparty Computation with a Dishonest Minority , 2012, CRYPTO.

[44]  Florian Kerschbaum,et al.  Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently , 2013, IACR Cryptol. ePrint Arch..

[45]  Moni Naor,et al.  Bit commitment using pseudorandomness , 1989, Journal of Cryptology.

[46]  Benny Pinkas,et al.  Non-Interactive Secure Computation Based on Cut-and-Choose , 2014, IACR Cryptol. ePrint Arch..

[47]  Arpita Patra,et al.  On the Exact Round Complexity of Secure Three-Party Computation , 2018, Journal of Cryptology.

[48]  Claudio Orlandi,et al.  Cross and Clean: Amortized Garbled Circuits with Constant Overhead , 2016, TCC.

[49]  Silvio Micali,et al.  A Completeness Theorem for Protocols with Honest Majority , 1987, STOC 1987.

[50]  Elaine Shi,et al.  Constant-Round MPC with Fairness and Guarantee of Output Delivery , 2015, CRYPTO.

[51]  Vladimir Kolesnikov,et al.  Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[52]  Yehuda Lindell,et al.  Fairness versus Guaranteed Output Delivery in Secure Multiparty Computation , 2014, ASIACRYPT.

[53]  Yehuda Lindell,et al.  Fast Garbling of Circuits Under Standard Assumptions , 2017, Journal of Cryptology.

[54]  Yuval Ishai,et al.  Scalable Secure Multiparty Computation , 2006, CRYPTO.

[55]  Martin Hirt,et al.  Simple and Efficient Perfectly-Secure Asynchronous MPC , 2007, ASIACRYPT.

[56]  John Launchbury,et al.  Application-Scale Secure Multiparty Computation , 2014, ESOP.

[57]  Yehuda Lindell,et al.  Optimized Honest-Majority MPC for Malicious Adversaries — Breaking the 1 Billion-Gate Per Second Barrier , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[58]  Anat Paskin-Cherniavsky,et al.  Secure Computation with Minimal Interaction, Revisited , 2015, CRYPTO.

[59]  Thomas Shrimpton,et al.  Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance , 2004, FSE.

[60]  Ye Zhang,et al.  Fast and Secure Three-party Computation: The Garbled Circuit Approach , 2015, IACR Cryptol. ePrint Arch..

[61]  Ivan Damgård,et al.  Scalable and Unconditionally Secure Multiparty Computation , 2007, CRYPTO.

[62]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[63]  Yehuda Lindell,et al.  An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries , 2007, Journal of Cryptology.

[64]  Eran Omri,et al.  Characterization of Secure Multiparty Computation Without Broadcast , 2016, Journal of Cryptology.

[65]  Silvio Micali,et al.  The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.