Studies on Fault-tolerant Broadcast and Secure Computation

In this dissertation, we consider the design of broadcast and secure multi-party computation (MPC) protocols in the presence of adversarial faults. Secure multi-party computation is the most generic problem in fault-tolerant distributed computing: in principle, a multi-party computation protocol can be used to solve any distributed cryptographic problem. Informally, the problem of multi-party computation is the following. Suppose we have n parties P1, P2, …, Pn, where each party Pi has a private input xi. Together, the parties want to compute a function of their inputs, (y1, y2, …, yn) = f(x1, x2, …, xn). However, some parties may be corrupted and fail to execute the prescribed protocol faithfully; even worse, they may be controlled by a single adversary that attacks the protocol in a coordinated manner. Despite the presence of such an adversary, a secure MPC protocol should ensure that each (possibly corrupted) party Pi learns only its own output yi and nothing more. Broadcast in the presence of adversarial faults is one of the simplest special cases of multi-party computation and an important component of larger protocols. In short, broadcast allows a party to send the same message to all parties, and all parties to be assured that they have received identical messages.

The contribution of this dissertation is twofold. First, we construct broadcast and secure multi-party computation protocols for honest majority in a point-to-point network whose round complexities improve significantly upon prior work. In particular, we give the first expected constant-round authenticated broadcast protocol for honest majority assuming only a public-key infrastructure and signatures. Second, we initiate the study of broadcast in radio networks in the presence of adversarial faults. In radio networks, parties communicate by multicasting messages; a message can only be received by the parties within some radius of the sender. Feasibility and impossibility results are given, and our bounds are tight.
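The broadcast guarantee stated above (every party ends with the same message even when the sender is corrupt) can be seen concretely in the classic Dolev-Strong authenticated broadcast protocol, which also assumes a PKI and signatures but needs t+1 rounds rather than the expected constant number of rounds the dissertation achieves. The following is an added example, not code from the dissertation: signatures are simulated with keyed hashes, only the sender is corrupted, and `run_dolev_strong`, `sender_plan` and `outputs_agree` are illustrative names.

```python
import hashlib
from collections import defaultdict

SENDER = 0  # party P0 is the designated sender

# Constructed toy PKI: each party holds a secret string; "verifying" recomputes the tag,
# standing in for a real public-key signature check (assumption for the simulation).
def make_keys(n):
    return {i: f"secret-key-of-party-{i}" for i in range(n)}

def sign(keys, signer, value):
    return hashlib.sha256(f"{keys[signer]}|{value}".encode()).hexdigest()

def verify(keys, signer, value, sig):
    return sig == sign(keys, signer, value)

def run_dolev_strong(n, t, keys, sender_plan):
    """Synchronous simulation of Dolev-Strong over t+1 rounds with honest receivers.
    sender_plan maps recipient -> value sent in round 1 (absent = silent); an honest
    sender sends one value to everyone, a corrupt sender may equivocate or stay silent."""
    extracted = {i: set() for i in range(1, n)}
    inbox = defaultdict(list)
    for i, v in sender_plan.items():
        inbox[i].append((v, {SENDER: sign(keys, SENDER, v)}))
    for r in range(1, t + 2):  # rounds 1 .. t+1
        outbox = defaultdict(list)
        for i in range(1, n):
            for v, sigs in inbox[i]:
                # Accept only if the sender signed v and r distinct valid signatures are attached.
                valid = (SENDER in sigs and len(sigs) >= r
                         and all(verify(keys, s, v, sg) for s, sg in sigs.items()))
                if valid and v not in extracted[i]:
                    extracted[i].add(v)
                    relayed = dict(sigs)
                    relayed[i] = sign(keys, i, v)  # add own signature and forward
                    for j in range(1, n):
                        if j != i:
                            outbox[j].append((v, relayed))
        inbox = outbox
    # Decide: exactly one extracted value is output; anything else yields default None (bottom).
    return {i: next(iter(s)) if len(s) == 1 else None for i, s in extracted.items()}

def outputs_agree(outputs):
    """Consistency check: every honest receiver decided the same value."""
    return len(set(outputs.values())) == 1

if __name__ == "__main__":
    keys = make_keys(4)
    print(run_dolev_strong(4, 1, keys, {1: "attack", 2: "attack", 3: "attack"}))
    print(run_dolev_strong(4, 1, keys, {1: "attack", 2: "retreat"}))  # equivocating sender
```

An equivocating sender makes every honest receiver extract both values and fall back to the default, so consistency holds; an honest sender's single value is always delivered.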
