On the round complexity of covert computation

In STOC'05, von Ahn, Hopper and Langford introduced the notion of covert computation. In covert computation, a party runs a secure computation protocol over a covert (or steganographic) channel without knowing whether the other parties are participating as well. At the end of the protocol, if all parties participated in the protocol and if the function output is "favorable" to all parties, then the output is revealed (along with the fact that everyone participated). All covert computation protocols known so far require a large polynomial number of rounds.

In this work, we first study the question of the round complexity of covert computation and obtain the following results:

- There does not exist a constant round covert computation protocol with respect to black box simulation even for the case of two parties. (In comparison, such protocols are known even for the multi-party case if there is no covertness requirement.)
- By relying on the two slot non-black-box simulation technique of Pass (STOC'04) and techniques from cryptography in NC0 (Applebaum et al., FOCS'04), we obtain a construction of a constant round covert multi-party computation protocol.

Put together, the above adds one more example to the growing list of tasks for which non-black-box simulation techniques (introduced in the work of Barak in FOCS'01) are necessary.

Finally, we study the problem of covert multi-party computation in the setting where the parties only have point to point (covert) communication channels. We observe that our covert computation protocol for the broadcast channel inherits, from the protocol of Pass, the property of secure composition in the bounded concurrent setting. Then, as an application of this protocol, somewhat surprisingly we show the existence of covert multi-party computation with point to point channels (assuming that the number of parties is a constant).
