Studies on Verifiable Secret Sharing, Byzantine Agreement and Multiparty Computation

This dissertation deals with three most important as well as fundamental problems in secure distributed computing, namely Verifiable Secret Sharing (VSS), Byzantine Agreement (BA) and Multiparty Computation (MPC). VSS is a two phase protocol (Sharing and Reconstruction) carried out among n parties in the presence of a centralized adversary who can corrupt up to t parties. Informally, the goal of the VSS protocol is to share a secret s, among the n parties during the sharing phase in a way that would later allow for a unique reconstruction of this secret in the reconstruction phase, while preserving the secrecy of s until the reconstruction phase. VSS is used as a key tool in MPC, BA and many other secure distributed computing problems. It can take many different forms, depending on the underlying network (synchronous or asynchronous), the nature (passive or active) and computing power (bounded or unbounded) of the adversary, type of security (cryptographic or information theoretic) etc. We study VSS in information theoretic setting over both synchronous as well as asynchronous network, considering an active unbounded powerful adversary. Our main contributions for VSS are: • In synchronous network, we carry out in-depth investigation on the round complexity of VSS by allowing a probability of error in computation and show that existing lower bounds for the round complexity of error-free VSS can be circumvented by introducing a negligible probability of error. • We study the communication and round efficiency of VSS in synchronous network and present a robust VSS protocol that is simultaneously communication efficient and round efficient. In addition, our protocol is the best known communication and round efficient protocol in the literature. • In asynchronous network, we study the communication complexity of VSS and propose a number of VSS protocols. Our protocols are highly communication efficient and show significant improvement over the existing protocols in terms of communication complexity. The next problem that we deal with is Byzantine Agreement (BA). BA is considered as one of the most fundamental primitives for fault tolerant distributed computing and cryptographic protocols. BA among a set of n parties, each having a private input value, allows them to reach agreement on a common value even if some of the malicious parties (at most t) try to prevent agreement among the parties. Similar to the case of VSS, several models for BA have been proposed during the last three decades, considering various aspects like the underlying network, the nature and computing power of adversary, type of security. One of these models is BA over asynchronous network which is considered to be more realistic network than synchronous in many occasions. Though important, research in BA in asynchronous network has received much less attention in comparison to the BA protocols in synchronous network. Even the existing protocols for asynchronous BA involve high communication complexity and in general are very inefficient in comparison to their synchronous counterparts. We focus on BA in information theoretic setting over asynchronous network tolerating an active adversary having unbounded computing power and mainly work

[1]  Martin Hirt,et al.  Asynchronous Multi-Party Computation with Quadratic Communication , 2008, ICALP.

[2]  Vincent Rijmen,et al.  Selected Areas in Cryptography, 16th Annual International Workshop, SAC 2009, Calgary, Alberta, Canada, August 13-14, 2009, Revised Selected Papers , 2009, Selected Areas in Cryptography.

[3]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[4]  Gabriel Bracha,et al.  An asynchronous [(n - 1)/3]-resilient consensus protocol , 1984, PODC '84.

[5]  K. Srinathan,et al.  Possibility and complexity of probabilistic reliable communication in directed networks , 2006, PODC '06.

[6]  Nancy A. Lynch,et al.  An Efficient Algorithm for Byzantine Agreement without Authentication , 1982, Inf. Control..

[7]  C. Pandu Rangan,et al.  Round Efficient Unconditionally Secure Multiparty Computation Protocol , 2008, INDOCRYPT.

[8]  Piotr Berman,et al.  Bit optimal distributed consensus , 1992 .

[9]  Ueli Maurer,et al.  MPC vs. SFE : Unconditional and Computational Security , 2008, ASIACRYPT.

[10]  Yuval Ishai,et al.  Randomizing polynomials: A new representation with applications to round-efficient secure computation , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[11]  Yehuda Lindell,et al.  On the composition of authenticated byzantine agreement , 2002, STOC '02.

[12]  Jonathan Katz,et al.  Round-Efficient Secure Computation in Point-to-Point Networks , 2007, EUROCRYPT.

[13]  Markus Stadler,et al.  Publicly Verifiable Secret Sharing , 1996, EUROCRYPT.

[14]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[15]  Benny Pinkas,et al.  Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[16]  Matthew K. Franklin,et al.  Communication-Efficient Private Protocols for Longest Common Subsequence , 2009, CT-RSA.

[17]  Martin Hirt,et al.  Simple and Efficient Perfectly-Secure Asynchronous MPC , 2007, ASIACRYPT.

[18]  Manuel Blum,et al.  Noninteractive Zero-Knowledge , 1991, SIAM J. Comput..

[19]  Moti Yung,et al.  Perfectly secure message transmission , 1993, JACM.

[20]  Brian A. Coan,et al.  Modular Construction of a Byzantine Agreement Protocol with Optimal Message Bit Complexity , 1992, Inf. Comput..

[21]  Cynthia Dwork On Verification in Secret Sharing , 1991, CRYPTO.

[22]  K. Srinathan,et al.  Unconditionally secure message transmission in arbitrary directed synchronous networks tolerating generalized mixed adversary , 2009, ASIACCS '09.

[23]  Nancy A. Lynch,et al.  Easy impossibility proofs for distributed consensus problems , 1985, PODC '85.

[24]  Hugo Krawczyk,et al.  Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.

[25]  R. Cramer,et al.  Multiparty Computation, an Introduction , 2005 .

[26]  Ueli Maurer,et al.  Secure multi-party computation made simple , 2002, Discret. Appl. Math..

[27]  Donald Beaver,et al.  Cryptographic Protocols Provably Secure Against Dynamic Adversaries , 1992, EUROCRYPT.

[28]  Ueli Maurer,et al.  Player Simulation and General Adversary Structures in Perfect Multiparty Computation , 2000, Journal of Cryptology.

[29]  Donald Beaver,et al.  Secure multiparty protocols and zero-knowledge proof systems tolerating a faulty minority , 2004, Journal of Cryptology.

[30]  K. Srinathan,et al.  Optimal Perfectly Secure Message Transmission , 2004, CRYPTO.

[31]  Rafail Ostrovsky,et al.  Almost-Everywhere Secure Computation , 2008, EUROCRYPT.

[32]  Kannan Balasubramanian,et al.  Secure Multiparty Computation , 2011, Encyclopedia of Cryptography and Security.

[33]  Amos Beimel On private computation in incomplete networks , 2006, Distributed Computing.

[34]  Martin Hirt,et al.  Cryptographic Asynchronous Multi-party Computation with Optimal Resilience (Extended Abstract) , 2005, EUROCRYPT.

[35]  Matthew K. Franklin,et al.  Secure Group Barter: Multi-party Fair Exchange with Semi-Trusted Neutral Parties , 1998, Financial Cryptography.

[36]  Donald Beaver,et al.  Quorum-Based Secure Multi-party Computation , 1998, EUROCRYPT.

[37]  Ran Canetti,et al.  Asynchronous secure computation , 1993, STOC.

[38]  Ran Canetti,et al.  Maintaining Security in the Presence of Transient Faults , 1994, CRYPTO.

[39]  Anna Lysyanskaya,et al.  Asynchronous verifiable secret sharing and proactive cryptosystems , 2002, CCS '02.

[40]  K. Srinathan,et al.  Efficient Asynchronous Secure Multiparty Distributed Computation , 2000, INDOCRYPT.

[41]  Danny Dolev,et al.  Polynomial algorithms for multiple processor agreement , 1982, STOC '82.

[42]  Kaoru Kurosawa,et al.  Optimum Secret Sharing Scheme Secure against Cheating , 1996, EUROCRYPT.

[43]  Gabriel Bracha,et al.  An O(log n) expected rounds randomized byzantine generals protocol , 1987, JACM.

[44]  Danny Dolev,et al.  'Eventual' is earlier than 'immediate' , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[45]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[46]  C. Pandu Rangan,et al.  Efficient Statistical Asynchronous Verifiable Secret Sharing with Optimal Resilience , 2009, ICITS.

[47]  Dawn Xiaodong Song,et al.  Privacy-Preserving Set Operations , 2005, CRYPTO.

[48]  Matthew K. Franklin,et al.  Improved Efficiency for Private Stable Matching , 2007, CT-RSA.

[49]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[50]  C. Pandu Rangan,et al.  The Round Complexity of Verifiable Secret Sharing Revisited , 2009, CRYPTO.

[51]  C. Pandu Rangan,et al.  Communication Optimal Multi-valued Asynchronous Byzantine Agreement with Optimal Resilience , 2011, ICITS.

[52]  Piotr Berman,et al.  Cloture Votes:n/4-resilient Distributed Consensus int + 1 rounds , 2005, Mathematical systems theory.

[53]  C. Pandu Rangan,et al.  Round Efficient Unconditionally Secure MPC and Multiparty Set Intersection with Optimal Resilience , 2009, INDOCRYPT.

[54]  Donald Beaver,et al.  Efficient Multiparty Protocols Using Circuit Randomization , 1991, CRYPTO.

[55]  Ivan Damgård,et al.  Asynchronous Multiparty Computation: Theory and Implementation , 2008, IACR Cryptol. ePrint Arch..

[56]  Rosario Gennaro,et al.  Theory and practice of verifiable secret sharing , 1996 .

[57]  Piotr Berman,et al.  Towards Optimal Distributed Consensus (Extended Abstract) , 1989, FOCS 1989.

[58]  Yoram Moses,et al.  Coordinated Traversal: (t + 1)- Round Byzantine Agreement in Polynomial Time , 1994, J. Algorithms.

[59]  Michael J. Fischer,et al.  The Consensus Problem in Unreliable Distributed Systems (A Brief Survey) , 1983, FCT.

[60]  Ueli Maurer,et al.  Robustness for Free in Unconditional Multi-party Computation , 2001, CRYPTO.

[61]  Jeffrey Considine,et al.  Byzantine Agreement Given Partial Broadcast , 2005, Journal of Cryptology.

[62]  Matthias Fitzi,et al.  Trading Correctness for Privacy in Unconditional Multi-Party Computation (Extended Abstract) , 1998, CRYPTO.

[63]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[64]  Gabriel Bracha,et al.  Asynchronous Byzantine Agreement Protocols , 1987, Inf. Comput..

[65]  Jonathan Katz,et al.  Improving the round complexity of VSS in point-to-point networks , 2008, Inf. Comput..

[66]  Matthias Fitzi,et al.  From partial consistency to global broadcast , 2000, STOC '00.

[67]  Matthias Fitzi,et al.  Detectable byzantine agreement secure against faulty majorities , 2002, PODC '02.

[68]  Keith B. Frikken Secure multiparty computation , 2010 .

[69]  Yvo Desmedt,et al.  Threshold Cryptosystems , 1989, CRYPTO.

[70]  Martin Tompa,et al.  How to share a secret with cheaters , 1988, Journal of Cryptology.

[71]  K. Srinathan,et al.  On Byzantine Agreement over (2, 3)-Uniform Hypergraphs , 2004, DISC.

[72]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[73]  Cynthia Dwork,et al.  Strong Verifiable Secret Sharing (Extended Abstract) , 1991, WDAG.

[74]  Martin Hirt,et al.  Robust Multiparty Computation with Linear Communication Complexity , 2006, CRYPTO.

[75]  Silvio Micali,et al.  The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.

[76]  Silvio Micali,et al.  An Optimal Probabilistic Protocol for Synchronous Byzantine Agreement , 1997, SIAM J. Comput..

[77]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[78]  Martin Hirt,et al.  Perfectly-Secure MPC with Linear Communication Complexity , 2008, TCC.

[79]  Danny Dolev,et al.  Authenticated Algorithms for Byzantine Agreement , 1983, SIAM J. Comput..

[80]  Tal Rabin,et al.  Simplified VSS and fast-track multiparty computations with applications to threshold cryptography , 1998, PODC '98.

[81]  Michael O. Rabin,et al.  Randomized byzantine generals , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[82]  Ueli Maurer,et al.  General Secure Multi-party Computation from any Linear Secret-Sharing Scheme , 2000, EUROCRYPT.

[83]  Nancy A. Lynch,et al.  A Lower Bound for the Time to Assure Interactive Consistency , 1982, Inf. Process. Lett..

[84]  Yuval Ishai,et al.  The round complexity of verifiable secret sharing and secure multicast , 2001, STOC '01.

[85]  Ivan Damgård,et al.  Efficient Multiparty Computations Secure Against an Adaptive Adversary , 1999, EUROCRYPT.

[86]  C. Pandu Rangan,et al.  Communication Efficient Perfectly Secure VSS and MPC in Asynchronous Networks with Optimal Resilience , 2010, AFRICACRYPT.

[87]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[88]  Martin Hirt,et al.  Upper Bounds on the Communication Complexity of Optimally Resilient Cryptographic Multiparty Computation , 2005, ASIACRYPT.

[89]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.

[90]  Rafail Ostrovsky,et al.  How To Withstand Mobile Virus Attacks , 1991, PODC 1991.

[91]  Silvio Micali,et al.  Byzantine Agreement in Constant Expected Time (and Trusting No One) , 1985, FOCS 1985.

[92]  Tal Rabin,et al.  Asynchronous secure computations with optimal resilience (extended abstract) , 1994, PODC '94.

[93]  Matthias Fitzi,et al.  Generalized communication and security models in Byzantine agreement , 2002 .

[94]  Matthias Fitzi,et al.  Optimally efficient multi-valued byzantine agreement , 2006, PODC '06.

[95]  Danny Dolev,et al.  Early stopping in Byzantine agreement , 1990, JACM.

[96]  Josh Benaloh,et al.  Generalized Secret Sharing and Monotone Functions , 1990, CRYPTO.

[97]  K. Srinathan,et al.  Trading Players for Efficiency in Unconditional Multiparty Computation , 2002, SCN.

[98]  Ueli Maurer,et al.  Realistic Failures in Secure Multi-party Computation , 2009, TCC.

[99]  Zheng Huang,et al.  Batch secret sharing for secure multi-party computation in asynchronous network , 2009 .

[100]  Danny Dolev,et al.  The Byzantine Generals Strike Again , 1981, J. Algorithms.

[101]  Ivan Damgård,et al.  On the complexity of verifiable secret sharing and multiparty computation , 2000, STOC '00.

[102]  Sam Toueg,et al.  Asynchronous consensus and broadcast protocols , 1985, JACM.

[103]  Moni Naor,et al.  Adaptively secure multi-party computation , 1996, STOC '96.

[104]  G. R. Blakley,et al.  Safeguarding cryptographic keys , 1899, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[105]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[106]  C. Pandu Rangan,et al.  Information Theoretically Secure Multi Party Set Intersection Re-Visited , 2009, IACR Cryptol. ePrint Arch..

[107]  Leslie Lamport,et al.  The Weak Byzantine Generals Problem , 1983, JACM.

[108]  Piotr Berman,et al.  Asymptotically Optimal Distributed Consensus (Extended Abstract) , 1989, ICALP.

[109]  Brian A. Coan,et al.  Extending Binary Byzantine Agreement to Multivalued Byzantine Agreement , 1984, Inf. Process. Lett..

[110]  Jonathan Katz,et al.  On expected constant-round protocols for Byzantine agreement , 2006, J. Comput. Syst. Sci..

[111]  Donald Beaver,et al.  Multiparty Protocols Tolerating Half Faulty Processors , 1989, CRYPTO.

[112]  Seif Haridi,et al.  Distributed Algorithms , 1992, Lecture Notes in Computer Science.

[113]  Matthias Fitzi,et al.  General Adversaries in Unconditional Multi-party Computation , 1999, ASIACRYPT.

[114]  C. Pandu Rangan,et al.  Multi Party Distributed Private Matching, Set Disjointness and Cardinality of Set Intersection with Information Theoretic Security , 2009, CANS.

[115]  C. Pandu Rangan,et al.  Communication and Round Efficient Information Checking Protocol , 2010, ArXiv.

[116]  Yoram Moses,et al.  Coordinated traversal: (t+1)-round Byzantine agreement in polynomial time , 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[117]  Juan A. Garay,et al.  A Continuum of Failure Models for Distributed Computing , 1992, WDAG.

[118]  Ueli Maurer,et al.  Complete characterization of adversaries tolerable in secure multi-party computation (extended abstract) , 1997, PODC '97.

[119]  Joan Feigenbaum,et al.  Security with Low Communication Overhead , 1990, CRYPTO.

[120]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[121]  Ivan Damgård,et al.  On the Cost of Reconstructing a Secret, or VSS with Optimal Reconstruction Phase , 2001, CRYPTO.

[122]  Judit Bar-Ilan,et al.  Non-cryptographic fault-tolerant computing in constant number of rounds of interaction , 1989, PODC '89.

[123]  Moti Yung,et al.  Resolving message complexity of Byzantine Agreement and beyond , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[124]  Joe Kilian,et al.  One-Round Secure Computation and Secure Autonomous Mobile Agents , 2000, ICALP.

[125]  Michael Ben-Or,et al.  Another advantage of free choice (Extended Abstract): Completely asynchronous agreement protocols , 1983, PODC '83.

[126]  Danny Dolev,et al.  An almost-surely terminating polynomial protocol for asynchronous byzantine agreement with optimal resilience , 2008, PODC '08.

[127]  Chuankun Wu,et al.  An Unconditionally Secure Protocol for Multi-Party Set Intersection , 2007, ACNS.

[128]  Matthias Fitzi,et al.  Byzantine Agreement Secure against General Adversaries in the Dual Failure Model , 1999, DISC.

[129]  Matthew K. Franklin,et al.  Communication complexity of secure computation (extended abstract) , 1992, STOC '92.

[130]  Zheng Huang,et al.  Efficient Secure Multiparty Computation Protocol in Asynchronous Network , 2009, ISA.

[131]  Moti Yung,et al.  Cryptographic Computation: Secure Faut-Tolerant Protocols and the Public-Key Model , 1987, CRYPTO.

[132]  R. J. McEliece,et al.  On sharing secrets and Reed-Solomon codes , 1981, CACM.

[133]  Martin Hirt,et al.  Almost-Asynchronous MPC with Faulty Minority , 2008, IACR Cryptol. ePrint Arch..

[134]  Ran Canetti,et al.  Fast asynchronous Byzantine agreement with optimal resilience , 1993, STOC.

[135]  Yoram Moses,et al.  Fully Polynomial Byzantine Agreement for n > 3t Processors in t + 1 Rounds , 1998, SIAM J. Comput..

[136]  O. Antoine,et al.  Theory of Error-correcting Codes , 2022 .

[137]  Silvio Micali,et al.  An Optimal Algorithm for Synchronous Byzantine Agreement , 1997 .

[138]  Martin Hirt,et al.  Efficient Multi-party Computation with Dispute Control , 2006, TCC.

[139]  Tal Rabin,et al.  Robust sharing of secrets when the dealer is honest or cheating , 1994, JACM.

[140]  Ivan Damgård,et al.  Scalable and Unconditionally Secure Multiparty Computation , 2007, CRYPTO.

[141]  Matthias Fitzi,et al.  On the Number of Synchronous Rounds Sufficient for Authenticated Byzantine Agreement , 2009, DISC.

[142]  Silvio Micali,et al.  Verifiable Secret Sharing as Secure Computation , 1994, EUROCRYPT.

[143]  Sam Toueg,et al.  Randomized Byzantine Agreements , 1984, PODC '84.

[144]  C. Pandu Rangan,et al.  Efficient Asynchronous Byzantine Agreement with Optimal Resilience , 2008, IACR Cryptol. ePrint Arch..

[145]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[146]  Birgit Pfitzmann,et al.  Unconditional Byzantine Agreement for any Number of Faulty Processors , 1992, STACS.

[147]  Sam Toueg,et al.  Fast Distributed Agreement , 1987, SIAM J. Comput..

[148]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[149]  C. Pandu Rangan,et al.  The Round Complexity of Verifiable Secret Sharing: The Statistical Case , 2010, ASIACRYPT.

[150]  David Chaum,et al.  Multiparty Computations Ensuring Privacy of Each Party's Input and Correctness of the Result , 1987, CRYPTO.

[151]  Yvo Desmedt,et al.  Perfectly Secure Message Transmission , 2011, Encyclopedia of Cryptography and Security.

[152]  Ran Canetti,et al.  Studies in secure multiparty computation and applications , 1995 .

[153]  K. Srinathan,et al.  Round-Optimal and Efficient Verifiable Secret Sharing , 2006, TCC.

[154]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1983, PODS '83.

[155]  Matthias Fitzi,et al.  MPC vs. SFE: Perfect Security in a Unified Corruption Model , 2008, TCC.