
On the Exact Round Complexity of Secure Three-Party Computation

  • Arpita Patra
  • Divya Ravi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10992)

Abstract

We settle the exact round complexity of three-party computation (3PC) in the honest-majority setting for a range of security notions: selective abort, unanimous abort, fairness and guaranteed output delivery. Selective abort, the weakest of the four, allows the corrupt parties to selectively deprive some of the honest parties of the output. In the mildly stronger notion of unanimous abort, either all or none of the honest parties receive the output. Fairness requires that the corrupt parties receive their output only if all honest parties receive theirs, and the strongest notion, guaranteed output delivery, requires that the corrupt parties cannot prevent the honest parties from receiving their output. It is folklore that guaranteed output delivery implies fairness, fairness implies unanimous abort, and unanimous abort implies selective abort. We focus on two network settings: pairwise-private channels without, and with, an additional broadcast channel.

In the minimal setting of pairwise-private channels, 3PC with selective abort is known to be feasible in just two rounds, while guaranteed output delivery is infeasible irrespective of the number of rounds. Settling the exact round complexity of 3PC in this setting, we show that three rounds are necessary and sufficient for both unanimous abort and fairness. Extending our study to the setting with an additional broadcast channel, we show that while unanimous abort is achievable in just two rounds, three rounds are necessary and sufficient for fairness and guaranteed output delivery. Our lower bounds extend to any number of parties in the honest-majority setting and imply the tightness of several known constructions.

Garbled circuits underlie all our upper bounds: concretely, our constructions transmit and evaluate only a constant number of garbled circuits. In terms of assumptions, our constructions rely on injective (one-to-one) one-way functions.
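Garbled circuits are the building block the abstract names. The following is an added illustration and not code from the paper or its authors: a textbook Yao-style garbling of a one-bit full adder with point-and-permute, using SHA-256 as the per-row encryption. That hash-based instantiation is a standard simplification and a stronger assumption than the injective one-way functions the paper relies on; the circuit, the wire numbering and all helper names are the example's own. It shows the two roles present in any garbled-circuit protocol: a garbler who produces encrypted gate tables and one active label per input wire, and an evaluator who, holding exactly one label per wire and the decoding bits for the output wires, recovers the output and nothing else.

```python
"""Yao-style garbled circuit with point-and-permute (added illustration, not the
paper's 3PC construction).  SHA-256 serves as the per-row encryption; the full
adder circuit and all names below are the example's own."""
import hashlib
import os
from typing import Dict, List, Tuple

LABEL_LEN = 16  # bytes per wire label (128-bit labels)

# A gate is (op, in_a, in_b, out) over integer wire ids.
Gate = Tuple[str, int, int, int]
OPS = {"AND": lambda x, y: x & y, "XOR": lambda x, y: x ^ y, "OR": lambda x, y: x | y}

# Constructed circuit: one-bit full adder.  Wires 0, 1, 2 = a, b, cin;
# wire 4 = sum, wire 7 = carry; wires 3, 5, 6 are internal.
FULL_ADDER: List[Gate] = [
    ("XOR", 0, 1, 3),  # t1 = a ^ b
    ("XOR", 3, 2, 4),  # sum = t1 ^ cin
    ("AND", 0, 1, 5),  # t2 = a & b
    ("AND", 3, 2, 6),  # t3 = t1 & cin
    ("OR", 5, 6, 7),   # carry = t2 | t3
]
INPUT_WIRES, OUTPUT_WIRES = [0, 1, 2], [4, 7]


def plain_eval(gates: List[Gate], inputs: Dict[int, int]) -> Dict[int, int]:
    """Reference evaluation in the clear, used only to check the garbled result."""
    wires = dict(inputs)
    for op, a, b, c in gates:
        wires[c] = OPS[op](wires[a], wires[b])
    return wires


def _row_key(ka: bytes, kb: bytes, gate_id: int) -> bytes:
    # One-time pad for one table row, derived from both input labels; the gate id
    # domain-separates rows of different gates that share input wires.
    return hashlib.sha256(ka + kb + gate_id.to_bytes(4, "big")).digest()[: LABEL_LEN + 1]


def _xor(x: bytes, y: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(x, y))


class Garbler:
    """Garbler: picks two labels per wire and encrypts every gate's truth table."""

    def __init__(self, gates: List[Gate], input_wires: List[int], output_wires: List[int]):
        self.gates, self.input_wires, self.output_wires = gates, input_wires, output_wires
        self.labels: Dict[int, Tuple[bytes, bytes]] = {}  # wire -> (label_0, label_1)
        self.perm: Dict[int, int] = {}  # wire -> random permute bit

    def _new_wire(self, w: int) -> None:
        p = os.urandom(1)[0] & 1
        self.perm[w] = p
        # The last byte of a label is its pointer bit (value XOR permute bit); it
        # tells the evaluator which row to decrypt without revealing the value.
        self.labels[w] = (os.urandom(LABEL_LEN) + bytes([p]),
                          os.urandom(LABEL_LEN) + bytes([p ^ 1]))

    def garble(self) -> Tuple[List[List[bytes]], Dict[int, int]]:
        for w in self.input_wires:
            self._new_wire(w)
        tables: List[List[bytes]] = []
        for gid, (op, a, b, c) in enumerate(self.gates):
            self._new_wire(c)
            rows: List[bytes] = [b""] * 4
            for x in (0, 1):
                for y in (0, 1):
                    ka, kb = self.labels[a][x], self.labels[b][y]
                    kc = self.labels[c][OPS[op](x, y)]
                    # Row position is fixed by the pointer bits, not by (x, y).
                    rows[(ka[-1] << 1) | kb[-1]] = _xor(_row_key(ka, kb, gid), kc)
            tables.append(rows)
        decode = {w: self.perm[w] for w in self.output_wires}  # output decoding bits
        return tables, decode

    def encode(self, inputs: Dict[int, int]) -> Dict[int, bytes]:
        """Active input labels: exactly one label per input wire."""
        return {w: self.labels[w][v] for w, v in inputs.items()}


def evaluate(gates: List[Gate], tables: List[List[bytes]], active: Dict[int, bytes],
             decode: Dict[int, int], output_wires: List[int]) -> Dict[int, int]:
    """Evaluator: holds one label per wire plus the tables; never sees the other label."""
    active = dict(active)
    for gid, (op, a, b, c) in enumerate(gates):
        ka, kb = active[a], active[b]
        row = (ka[-1] << 1) | kb[-1]
        active[c] = _xor(_row_key(ka, kb, gid), tables[gid][row])
    return {w: active[w][-1] ^ decode[w] for w in output_wires}


def run_full_adder(a: int, b: int, cin: int) -> Tuple[int, int]:
    """Fresh garbling per evaluation: a garbled circuit is single-use."""
    g = Garbler(FULL_ADDER, INPUT_WIRES, OUTPUT_WIRES)
    tables, decode = g.garble()
    out = evaluate(FULL_ADDER, tables, g.encode({0: a, 1: b, 2: cin}), decode, OUTPUT_WIRES)
    return out[4], out[7]


def check_full_adder() -> bool:
    """Garbled evaluation agrees with the plaintext circuit on all 8 inputs."""
    for a in (0, 1):
        for b in (0, 1):
            for cin in (0, 1):
                ref = plain_eval(FULL_ADDER, {0: a, 1: b, 2: cin})
                if run_full_adder(a, b, cin) != (ref[4], ref[7]):
                    return False
    return True


if __name__ == "__main__":
    print("full adder via garbled circuit:", "OK" if check_full_adder() else "MISMATCH")
```

Two properties worth noticing in the code: the tables are produced before any input is fixed, so the garbler commits to the function independently of the evaluator's input, and a table must never be evaluated twice, since two active labels for the same wire let the evaluator decrypt further rows. The evaluator sees a pointer bit per wire, but because the permute bit is random that bit is uniformly distributed and reveals the wire value only for output wires, where the decoding bit is deliberately released.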

Acknowledgement

The first author would like to acknowledge partial support from Google Inc. and SERB Women Excellence Award from Science and Engineering Research Board of India. The second author would like to acknowledge partial support from Indian Association for Research in Computing Science (IARCS) and Microsoft Research India.


Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  Indian Institute of Science, Bangalore, India