YOSO: You Only Speak Once / Secure MPC with Stateless Ephemeral Roles

The inherent difficulty of maintaining stateful environments over long periods of time gave rise to the paradigm of serverless computing, where mostly-stateless components are deployed on demand to handle computation tasks, and are teared down once their task is complete. Serverless architecture could offer the added benefit of improved resistance to targeted denial-of-service attacks, by hiding from the attacker the physical machines involved in the protocol until after they complete their work. Realizing such protection, however, requires that the protocol only uses stateless parties, where each party sends only one message and never needs to speaks again. Perhaps the most famous example of this style of protocols is the Nakamoto consensus protocol used in Bitcoin: A peer can win the right to produce the next block by running a local lottery (mining), all while staying covert. Once the right has been won, it is executed by sending a single message. After that, the physical entity never needs to send more messages. We refer to this as the You-Only-Speak-Once (YOSO) property, and initiate the formal study of it within a new model that we call the YOSO model. Our model is centered around the notion of roles, which are stateless parties that can only send a single message. Crucially, our modelling separates the protocol design, that only uses roles, from the roleassignment mechanism, that assigns roles to actual physical entities. This separation enables studying these two aspects separately, and our YOSO model in this work only deals with the protocol-design aspect. We describe several techniques for achieving YOSO MPC; both computational and information theoretic. Our protocols are synchronous and provide guaranteed output delivery (which is important for application domains such as blockchains), assuming honest majority of roles in every time step. We describe a practically efficient computationally-secure protocol, as well as a proof-of-concept information theoretically secure protocol.

[1]  Tal Malkin,et al.  Improved Non-committing Encryption with Applications to Adaptively Secure Protocols , 2009, ASIACRYPT.

[2]  Elaine Shi,et al.  The Sleepy Model of Consensus , 2017, ASIACRYPT.

[3]  Avi Wigderson,et al.  Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract) , 1988, STOC.

[4]  Arka Rai Choudhuri,et al.  Fluid MPC: Secure Multiparty Computation with Dynamic Participants , 2020, IACR Cryptol. ePrint Arch..

[5]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[6]  Ignacio Cascudo,et al.  SCRAPE: Scalable Randomness Attested by Public Entities , 2017, IACR Cryptol. ePrint Arch..

[7]  Tal Rabin,et al.  Simplified VSS and fast-track multiparty computations with applications to threshold cryptography , 1998, PODC '98.

[8]  Tal Rabin,et al.  Robust sharing of secrets when the dealer is honest or cheating , 1994, JACM.

[9]  Jing Chen,et al.  Algorand: A secure and efficient distributed ledger , 2019, Theor. Comput. Sci..

[10]  Ivan Damgård,et al.  Adaptive versus Static Security in the UC Model , 2014, ProvSec.

[11]  Ueli Maurer,et al.  Player Simulation and General Adversary Structures in Perfect Multiparty Computation , 2000, Journal of Cryptology.

[12]  Jens Groth,et al.  Snarky Signatures: Minimal Signatures of Knowledge from Simulation-Extractable SNARKs , 2017, IACR Cryptol. ePrint Arch..

[13]  Daniel Wichs,et al.  Two Round Multiparty Computation via Multi-key FHE , 2016, EUROCRYPT.

[14]  Ivan Damgård,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.

[15]  Ignacio Cascudo,et al.  ALBATROSS: publicly AttestabLe BATched Randomness based On Secret Sharing , 2020, IACR Cryptol. ePrint Arch..

[16]  Ivan Damgård,et al.  Practical Threshold RSA Signatures without a Trusted Dealer , 2000, EUROCRYPT.

[17]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[18]  Ivan Damgård,et al.  A generalization of Paillier’s public-key system with applications to electronic voting , 2010, International Journal of Information Security.

[19]  Craig Gentry,et al.  Random-index PIR with Applications to Large-Scale Secure MPC , 2020, IACR Cryptol. ePrint Arch..

[20]  Silvio Micali Very Simple and Efficient Byzantine Agreement , 2017, ITCS.

[21]  Craig Gentry,et al.  Can a Public Blockchain Keep a Secret? , 2020, TCC.

[22]  Rafail Ostrovsky,et al.  The Price of Low Communication in Secure Multi-party Computation , 2017, CRYPTO.

[23]  Chen-Da Liu Zhang,et al.  Asynchronous Byzantine Agreement with Subquadratic Communication , 2020, IACR Cryptol. ePrint Arch..

[24]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[25]  Vinod Vaikuntanathan,et al.  Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE , 2012, EUROCRYPT.

[26]  Ueli Maurer,et al.  Universally Composable Synchronous Computation , 2013, TCC.