Complexity and security of distributed protocols

This thesis addresses the topic of secure distributed computation, a general and powerful tool for balancing cooperation and mistrust among independent agents. We study many related models, which differ in the communication allowed among agents, the ways in which agents may misbehave, and the (cryptographic) complexity assumptions that are made. We present new protocols, both for general secure computation (i.e., of any function over a finite domain) and for specific tasks (e.g., electronic money). We investigate fundamental relationships between security requirements and various resource requirements, with an emphasis on communication complexity. A number of mathematical methods are employed in our investigations, including algebraic, graph-theoretic, and cryptographic techniques.
