Universally Composable Multi-party Computation with an Unreliable Common Reference String

Universally composable (UC) multi-party computation has been studied in two settings. When a majority of parties are honest, UC multi-party computation is possible without any assumptions. Without a majority of honest parties, UC multi-party computation is impossible in the plain model, but feasibility results have been obtained in various augmented models. The most popular such model posits a common reference string (CRS) available to parties executing the protocol. In either of the above settings, some assumption regarding the protocol execution is made: i.e., that many parties are honest in the first case, or that a legitimately-chosen string is available in the second. If this assumption is incorrect then all security is lost. A natural question is whether it is possible to design protocols secure if either one of these assumptions holds, i.e., a protocol which is secure if either at most s players are dishonest or if up to t > s players are dishonest but the CRS is chosen in the prescribed manner. We show that such protocols exist if and only if s+t

[1]  Yehuda Lindell,et al.  Universally composable two-party and multi-party secure computation , 2002, STOC '02.

[2]  Yehuda Lindell,et al.  On the Limitations of Universally Composable Two-Party Computation Without Set-Up Assumptions , 2003, Journal of Cryptology.

[3]  Amit Sahai,et al.  How to play almost any mental game over the net - concurrent composition via super-polynomial simulation , 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[4]  Ran Canetti,et al.  Universally Composable Security with Global Setup , 2007, TCC.

[5]  Amit Sahai,et al.  New notions of security: achieving universal composability without trusted setup , 2004, STOC '04.

[6]  Jonathan Katz,et al.  Universally Composable Multi-party Computation Using Tamper-Proof Hardware , 2007, EUROCRYPT.

[7]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[8]  Yehuda Lindell,et al.  Secure Multi-Party Computation without Agreement , 2005, Journal of Cryptology.

[9]  Jonathan Katz On achieving the "best of both worlds" in secure multiparty computation , 2007, STOC '07.

[10]  Jörn Müller-Quade,et al.  Universally composable zero-knowledge arguments and commitments from signature cards , 2007 .

[11]  Ran Canetti,et al.  Universally composable protocols with relaxed set-up assumptions , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[12]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[13]  Ran Canetti,et al.  Universally Composable Commitments , 2001, CRYPTO.

[14]  Yehuda Lindell,et al.  On Combining Privacy with Guaranteed Output Delivery in Secure Multiparty Computation , 2006, CRYPTO.

[15]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[16]  Manuel Blum,et al.  Non-interactive zero-knowledge and its applications , 1988, STOC '88.