Interaction-Preserving Compilers for Secure Computation

In this work we consider the following question: What is the cost of security for multi-party protocols? Specifically, given an insecure protocol where parties exchange (in the worst case) Γ bits in N rounds, is it possible to design a secure protocol with communication complexity close to Γ and N rounds? We systematically study this problem in a variety of settings and we propose solutions based on the intractability of different cryptographic problems. For the case of two parties we design an interaction-preserving compiler where the number of bits exchanged in the secure protocol approaches Γ and the number of rounds is exactly N, assuming the hardness of standard problems over lattices. For the more general multi-party case, we obtain the same result assuming either (i) an additional round of interaction or (ii) the existence of extractable witness encryption and succinct non-interactive arguments of knowledge. As a contribution of independent interest, we construct the first multi-key fully homomorphic encryption scheme with message-to-ciphertext ratio (i.e., rate) of 1 − o(1), assuming the hardness of the learning with errors (LWE) problem. We view our work as a support for the claim that, as far as interaction and communication are concerned, one does not need to pay a significant price for security in multi-party protocols.
