Authenticated Garbling and Efficient Maliciously Secure Multi-Party Computation

In this paper, we extend the recent work by Wang et al., who proposed a new framework for secure two-party computation in the preprocessing model that can be instantiated efficiently using TinyOT. We show that their protocol generalizes to the multi-party setting, with the preprocessing functionality realized by a multi-party TinyOT-like protocol. Assuming n parties of which at most n−1 are corrupted, the function-dependent phase has a total communication complexity of O(κn) bits per AND gate, and the online phase has a total communication complexity of O(κn) bits per input/output bit, where κ is the computational security parameter. In the second part of the paper, we propose a new multi-party TinyOT protocol. It uses a set of new techniques that let the parties distributively check the correctness of the generated triples without cut-and-choose. The resulting protocol is much more efficient than previous protocols: with statistical security parameter ρ, the cost of generating one AND triple is O((ρ / log|C|) · n), where |C| is the circuit size. The best previous multi-party TinyOT protocol, by Frederiksen et al., has a cost of O((ρ² / log²|C|) · n) per AND triple. Cost is measured as the number of symmetric-key operations and the number of symmetric-key messages. The resulting protocol is extremely efficient compared to the state-of-the-art protocol by Lindell et al., which combines the BMR protocol with SPDZ.
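Worked example (added here; it is not code from the paper and does not implement its protocol): where the ρ/log|C| term in the per-triple cost comes from. TinyOT-style preprocessing produces "leaky" AND triples, permutes them randomly into buckets of size B, and combines each bucket into one triple that is correct unless every triple in the bucket was faulty. The example below uses the simplest form of that bucketing bound, assumed here: an adversary who corrupts exactly B of the ℓ·B leaky triples wins only if a random permutation places all B of them in the same one of ℓ buckets, which happens with probability ℓ / C(ℓB, B), and ℓ plays the role of |C| (one triple per AND gate). It ignores the factor n from the number of parties, and the function names are the example's own. Since C(ℓB, B) ≥ ℓ^B, the bound forces B ≥ 1 + ρ/log₂ ℓ; a protocol that applies bucketing once pays about B per triple, one that applies it at two levels pays about B², which is the O(ρ/log|C|) versus O(ρ²/log²|C|) gap stated in the abstract.

```python
from math import ceil, comb, log2


def bucket_is_secure(rho: int, num_triples: int, bucket: int) -> bool:
    """Assumed bucketing bound: with num_triples buckets of size `bucket`,
    an adversary who corrupts exactly `bucket` leaky triples has all of them
    land in one bucket with probability num_triples / C(num_triples*bucket, bucket).
    Secure iff that probability is at most 2^-rho. Exact integer arithmetic."""
    return num_triples * 2 ** rho <= comb(num_triples * bucket, bucket)


def min_bucket_size(rho: int, num_triples: int) -> int:
    """Smallest bucket size B >= 2 meeting the bound above."""
    bucket = 2
    while not bucket_is_secure(rho, num_triples, bucket):
        bucket += 1
    return bucket


def asymptotic_bucket_size(rho: int, num_triples: int) -> int:
    """Closed-form estimate from C(lB, B) >= l^B, i.e. B >= 1 + rho / log2(l)."""
    return ceil(1 + rho / log2(num_triples))


def cost_per_triple(bucket: int, levels: int) -> int:
    """Leaky triples consumed per final triple when bucketing is applied
    `levels` times (1 level ~ B, 2 levels ~ B^2 as in the two regimes compared
    in the abstract). The per-party factor n is not modeled."""
    return bucket ** levels


def compare(rho: int, num_triples: int) -> dict:
    """Bucket size (exact and estimated) and per-triple cost for one vs two
    levels of bucketing, for a circuit with num_triples AND gates."""
    bucket = min_bucket_size(rho, num_triples)
    return {
        "bucket": bucket,
        "estimate": asymptotic_bucket_size(rho, num_triples),
        "one_level": cost_per_triple(bucket, 1),
        "two_level": cost_per_triple(bucket, 2),
    }


if __name__ == "__main__":
    # Constructed sample sizes: 2^10, 2^20 and 2^30 AND gates at rho = 40.
    for circuit_size in (2 ** 10, 2 ** 20, 2 ** 30):
        print(circuit_size, compare(40, circuit_size))
```

The bucket size shrinks as the circuit grows (5 for 2^10 gates, 3 for 2^20 gates at ρ = 40), which is why per-triple cost is expressed with log|C| in the denominator and why the improvement over a doubly bucketed protocol is largest for small circuits.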

[1] Yehuda Lindell et al. Efficient Constant Round Multi-Party Computation Combining BMR and SPDZ. IACR Cryptol. ePrint Arch., 2015.

[2] Yehuda Lindell et al. High-Throughput Secure Three-Party Computation for Malicious Adversaries and an Honest Majority. IACR Cryptol. ePrint Arch., 2017.

[3] Marcel Keller et al. MASCOT: Faster Malicious Arithmetic Secure Computation with Oblivious Transfer. IACR Cryptol. ePrint Arch., 2016.

[4] Yehuda Lindell et al. More Efficient Constant-Round Multi-Party Computation from BMR and SHE. IACR Cryptol. ePrint Arch., 2016.

[5] Emmanuela Orsini et al. Dishonest Majority Multi-Party Computation for Binary Circuits. IACR Cryptol. ePrint Arch., 2014.

[6] Ivan Damgård et al. Semi-Homomorphic Encryption and Multiparty Computation. IACR Cryptol. ePrint Arch., 2011.

[7] Ivan Damgård et al. Multiparty Computation from Somewhat Homomorphic Encryption. IACR Cryptol. ePrint Arch., 2012.

[8] Alex J. Malozemoff et al. Efficient Three-Party Computation from Cut-and-Choose. CRYPTO, 2014.

[9] Yuval Ishai et al. Constant-Round Multiparty Computation Using a Black-Box Pseudorandom Generator. CRYPTO, 2005.

[10] Emmanuela Orsini et al. High-Performance Multi-party Computation for Binary Circuits Based on Oblivious Transfer. IACR Cryptol. ePrint Arch., 2021.

[11] Marcel Keller et al. A Unified Approach to MPC with Preprocessing using OT. IACR Cryptol. ePrint Arch., 2015.

[12] Yehuda Lindell et al. A Proof of Security of Yao's Protocol for Two-Party Computation. Journal of Cryptology, 2009.

[13] Florian Kerschbaum et al. Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently. IACR Cryptol. ePrint Arch., 2013.

[14] Claudio Orlandi et al. A New Approach to Practical Active-Secure Two-Party Computation. IACR Cryptol. ePrint Arch., 2012.

[15] Silvio Micali et al. The round complexity of secure protocols. STOC '90, 1990.

[16] Jonathan Katz et al. Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation. CCS, 2017.

[17] Marcel Keller et al. Actively Secure OT Extension with Optimal Overhead. CRYPTO, 2015.