Asynchronous Multiparty Computation with Linear Communication Complexity

Secure multiparty computation (MPC) allows a set of

n

parties to securely compute a function of their private inputs against an adversary corrupting up to

t

parties. Over the previous decade, the communication complexity of

synchronous

MPC protocols could be improved to

$\mathcal{O}(n)$

per multiplication, for various settings. However, designing an

asynchronous

MPC (AMPC) protocol with linear communication complexity was not achieved so far. We solve this open problem by presenting two AMPC protocols with the corruption threshold

t

 < 

n

/ 4. Our first protocol is

statistically

secure (i.e. involves a negligible error) in a completely asynchronous setting and improves the communication complexity of the previous best AMPC protocol in the same setting by a factor of Θ(

n

). Our second protocol is

perfectly

secure (i.e. error free) in a

hybrid

setting, where one round of communication is assumed to be synchronous, and improves the communication complexity of the previous best AMPC protocol in the hybrid setting by a factor of Θ(

n

2

).

Like other efficient MPC protocols, we employ Beaver’s circuit randomization approach (Crypto ’91) and prepare shared random multiplication triples. However, in contrast to previous protocols where triples are prepared by first generating two random shared values which are then multiplied distributively, in our approach each party prepares its own multiplication triples. Given enough such shared triples (potentially partially known to the adversary), we develop a method to extract shared triples unknown to the adversary, avoiding communication-intensive multiplication protocols. This leads to a framework of independent interest.