2012 | OriginalPaper | Buchkapitel
Near-Linear Unconditionally-Secure Multiparty Computation with a Dishonest Minority
verfasst von : Eli Ben-Sasson, Serge Fehr, Rafail Ostrovsky
Erschienen in: Advances in Cryptology – CRYPTO 2012
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
In the setting of unconditionally-secure MPC, where dishonest players are unbounded and no cryptographic assumptions are used, it was known since the 1980’s that an honest majority of players is both necessary and sufficient to achieve privacy and correctness, assuming secure point-to-point and broadcast channels. The main open question that was left is to establish the exact communication complexity.
We settle the above question by showing an unconditionally-secure MPC protocol, secure against a dishonest minority of malicious players, that matches the communication complexity of the best known MPC protocol in the honest-but-curious setting. More specifically, we present a new
n
-player MPC protocol that is secure against a computationally-unbounded malicious adversary that can adaptively corrupt
t
<
n
/2 of the players. For polynomially-large binary circuits that are not too unshaped, our protocol has an amortized communication complexity of
O
(
n
log
n
+
κ
/
n
const
) bits per multiplication (i.e. AND) gate, where
κ
denotes the security parameter and
const
∈ ℤ is an arbitrary non-negative constant. This improves on the previously most efficient protocol with the same security guarantee, which offers an amortized communication complexity of
O
(
n
2
κ
) bits per multiplication gate. For any
κ
polynomial in
n
, the amortized communication complexity of our protocol matches the
O
(
n
log
n
) bit communication complexity of the best known MPC protocol with passive security.
We introduce several novel techniques that are of independent interest and we believe will have wider applicability. One is a novel idea of computing authentication tags by means of a
mini MPC
, which allows us to avoid expensive double-sharings; the other is a
batch-wise multiplication verification
that allows us to speedup Beaver’s “multiplication triples”.