On the Power of an Honest Majority in Three-Party Computation Without Broadcast

Fully secure multiparty computation (MPC) allows a set of parties to compute some function of their inputs, while guaranteeing correctness, privacy, fairness, and output delivery. Understanding the necessary and sufficient assumptions that allow for fully secure MPC is an important goal. Cleve (STOC’86) showed that full security cannot be obtained in general without an honest majority. Conversely, by Rabin and Ben-Or (STOC’89), assuming a broadcast channel and an honest majority enables a fully secure computation of any function. Our goal is to characterize the set of functionalities that can be computed with full security, assuming an honest majority, but no broadcast. This question was fully answered by Cohen et al. (TCC’16) – for the restricted class of symmetric functionalities (where all parties receive the same output). Instructively, their results crucially rely on agreement and do not carry over to general asymmetric functionalities. In this work, we focus on the case of three-party asymmetric functionalities, providing a variety of necessary and sufficient conditions to enable fully secure computation. An interesting use-case of our results is server-aided computation, where an untrusted server helps two parties to carry out their computation. We show that without a broadcast assumption, the resource of an external non-colluding server provides no additional power. Namely, a functionality can be computed with the help of the server if and only if it can be computed without it. For fair coin tossing, we further show that the optimal bias for three-party (server-aided) r-round protocol remains Θ (1/r) (as in the two-party setting).

[1]  Eran Omri,et al.  On the Complexity of Fair Coin Flipping , 2018, Electron. Colloquium Comput. Complex..

[2]  Richard Cleve,et al.  Limits on the security of coin flips when half the processors are faulty , 1986, STOC '86.

[3]  Yuval Ishai,et al.  On Fully Secure MPC with Solitary Output , 2019, IACR Cryptol. ePrint Arch..

[4]  Silvio Micali,et al.  A Completeness Theorem for Protocols with Honest Majority , 1987, STOC 1987.

[5]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[6]  Nancy A. Lynch,et al.  Easy impossibility proofs for distributed consensus problems , 1985, PODC '85.

[7]  Malte Borcherding,et al.  Levels of authentication in distributed agreement , 1996 .

[8]  Eran Omri,et al.  Tighter Bounds on Multi-Party Coin Flipping via Augmented Weak Martingales and Differentially Private Sampling , 2018, 2018 IEEE 59th Annual Symposium on Foundations of Computer Science (FOCS).

[9]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[10]  Nancy A. Lynch,et al.  Consensus in the presence of partial synchrony , 1988, JACM.

[11]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.

[12]  Yehuda Lindell,et al.  Complete Fairness in Secure Two-Party Computation , 2011, JACM.

[13]  Niv Buchbinder,et al.  Fair Coin Flipping: Tighter Analysis and the Many-Party Case , 2017, SODA.

[14]  Gilad Asharov,et al.  Towards Characterizing Complete Fairness in Secure Two-Party Computation , 2014, IACR Cryptol. ePrint Arch..

[15]  Manoj Prabhakaran,et al.  On Fair Exchange, Fair Coins and Fair Sampling , 2013, IACR Cryptol. ePrint Arch..

[16]  Matthias Fitzi,et al.  Unconditional Byzantine Agreement and Multi-party Computation Secure against Dishonest Minorities from Scratch , 2002, EUROCRYPT.

[17]  Justin M. Reyneri,et al.  Coin flipping by telephone , 1984, IEEE Trans. Inf. Theory.

[18]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[19]  Sam Toueg,et al.  Asynchronous consensus and broadcast protocols , 1985, JACM.

[20]  Rafail Ostrovsky,et al.  Minimal Complete Primitives for Secure Multi-Party Computation , 2001, Journal of Cryptology.

[21]  Iftach Haitner,et al.  An almost-optimally fair three-party coin-flipping protocol , 2014, STOC.

[22]  Eran Omri,et al.  From Fairness to Full Security in Multiparty Computation , 2018, Journal of Cryptology.

[23]  Matthias Fitzi,et al.  Detectable byzantine agreement secure against faulty majorities , 2002, PODC '02.

[24]  Eran Omri,et al.  Characterization of Secure Multiparty Computation Without Broadcast , 2016, Journal of Cryptology.

[25]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 2: Basic Applications , 2001 .

[26]  Bar Alon,et al.  Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious , 2016, TCC.

[27]  Jan Camenisch,et al.  Optimistic Fair Secure Computation , 2000, CRYPTO.

[28]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[29]  Yehuda Lindell,et al.  Fairness Versus Guaranteed Output Delivery in Secure Multiparty Computation , 2014, Journal of Cryptology.

[30]  Avi Wigderson,et al.  Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract) , 1988, STOC.

[31]  N. Asokan,et al.  Optimistic Fair Exchange of Digital Signatures (Extended Abstract) , 1998, EUROCRYPT.

[32]  Eran Omri,et al.  Complete Characterization of Fairness in Secure Two-Party Computation of Boolean Functions , 2015, TCC.

[33]  Rudolf Ahlswede,et al.  Founding Cryptography on Oblivious Transfer , 2016 .

[34]  Eran Omri,et al.  Protocols for Multiparty Coin Toss with a Dishonest Majority , 2015, Journal of Cryptology.

[35]  Nikolaos Makriyannis On the Classification of Finite Boolean Functions up to Fairness , 2014, SCN.

[36]  Aggelos Kiayias,et al.  Resource-Restricted Cryptography: Revisiting MPC Bounds in the Proof-of-Work Era , 2020, EUROCRYPT.

[37]  Moni Naor,et al.  An Optimally Fair Coin Toss , 2015, Journal of Cryptology.

[38]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.