Towards Efficiency-Preserving Round Compression in MPC

Do Fewer Rounds Mean More Computation?

Part of the Lecture Notes in Computer Science book series (LNSC, volume 12493)

Abstract

Reducing the rounds of interaction in secure multiparty computation (MPC) protocols has been the topic of study of many works. One popular approach to reduce rounds is to construct round compression compilers. A round compression compiler is one that takes a highly interactive protocol and transforms it into a protocol with far fewer rounds. The design of round compression compilers has traditionally focused on preserving the security properties of the underlying protocol and in particular, not much attention has been given towards preserving their computational and communication efficiency. Indeed, the recent round compression compilers that yield round-optimal MPC protocols incur large computational and communication overhead.

In this work, we initiate the study of efficiency-preserving round compression compilers, i.e. compilers that translate the efficiency benefits of the underlying highly interactive protocols to the fewer round setting. Focusing on the honest majority setting (with near-optimal corruption threshold \(\frac{1}{2} - \varepsilon \), for any \(\varepsilon > 0\)), we devise a new compiler that yields two round (i.e., round optimal) semi-honest MPC with similar communication efficiency as the underlying (arbitrary round) protocol. By applying our compiler on the most efficient known MPC protocols, we obtain a two-round semi-honest protocol based on one-way functions, with total communication (and per-party computation) cost \(\widetilde{O}(s+n^4)\) – a significant improvement over prior two-round protocols with cost \(\widetilde{O}(n^\tau s+n^{\tau +1}d)\), where \(\tau \ge 2\), s is the size of the circuit computing the function and d the corresponding depth. Our result can also be extended to handle malicious adversaries, either using stronger assumptions in the public key infrastructure (PKI) model, or in the plain model using an extra round.

An artifact of our approach is that the resultant protocol is “unbalanced” in the amount of computation performed by different parties. We give evidence that this is necessary in our setting. Our impossibility result makes novel use of the “MPC-in-the-head” paradigm, which has typically been used to demonstrate feasibility results.

Notes

  1. While this idea is made explicit in [3, 4], it is easy to observe that [1] also implicitly uses the same idea.

  2. If there are only a constant number of parties that are recipients of the output, then the resultant protocol from Theorem 1 already achieves this result.

  3. While special MPC with total computation proportional to \(\tilde{O}(n^\tau \cdot W)\) can be constructed (as we discuss later), the second step of our approach is actually less sensitive to the exact asymptotic complexity of special MPC. In particular, the exact dependence on n is not very important as long as the total computation in special MPC has only a linear dependence on W.

  4. Protocols obtained by applying the compiler from [1] always satisfy this property, while the compilers in [3, 4] yield protocols that satisfy the “public reconstruction of outputs” property only when applied to (multi-round) protocols that also satisfy this property.

  5. At a high level, a two-round MPC protocol satisfies the delayed-function property if the first-round messages of the honest parties are computed independently of the functionality, but may depend on the size of the circuit implementing the functionality.

  6. For this technical overview, some details of the protocol are omitted. The resultant protocol incurs an additive term of \(n^4\), which is elaborated upon in the technical section.

  7. Alternatively, if the number of parties computing the output is already a constant, then even the two-round protocol achieves optimal computation.

  8. A simpler solution using non-reusable correlated randomness can be obtained using regular digital signatures, which are known from one-way functions.

  9. As for the semi-honest setting, the additive term will be elaborated upon in the technical sections.

  10. The MAC keys correspond to tags held by other parties.

  11. This will correspond to the messages whose size depends on the size of the circuit being computed.

References

  1. Ananth, P., Choudhuri, A.R., Goel, A., Jain, A.: Round-optimal secure multiparty computation with honest majority. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10992, pp. 395–424. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96881-0_14

  2. Ananth, P., Choudhuri, A.R., Goel, A., Jain, A.: Two round information-theoretic MPC with malicious security. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 532–561. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17656-3_19

  3. Applebaum, B., Brakerski, Z., Tsabary, R.: Perfect secure computation in two rounds. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11239, pp. 152–174. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03807-6_6

  4. Applebaum, B., Brakerski, Z., Tsabary, R.: Degree 2 is complete for the round-complexity of malicious MPC. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 504–531. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17656-3_18

  5. Beaver, D., Micali, S., Rogaway, P.: The round complexity of secure protocols (extended abstract). In: 22nd ACM STOC, pp. 503–513. ACM Press, May 1990. https://doi.org/10.1145/100216.100287

  6. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: 20th ACM STOC, pp. 1–10. ACM Press, May 1988. https://doi.org/10.1145/62212.62213

  7. Benhamouda, F., Lin, H.: k-round multiparty computation from k-round oblivious transfer via Garbled interactive circuits. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 500–532. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_17

  8. Bitansky, N.: Verifiable random functions from non-interactive witness-indistinguishable proofs. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. Lecture Notes in Computer Science, vol. 10678, pp. 567–594. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70503-3_19

  9. Boyle, E., Chung, K.-M., Pass, R.: Large-scale secure computation: multi-party computation for (Parallel) RAM programs. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. Lecture Notes in Computer Science, vol. 9216, pp. 742–762. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_36

  10. Boyle, E., Goldwasser, S., Tessaro, S.: Communication locality in secure multi-party computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 356–376. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36594-2_21

  11. Canetti, R., et al.: Fiat-Shamir: from practice to theory. In: STOC (2019)

  12. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: 20th ACM STOC, pp. 11–19. ACM Press, May 1988. https://doi.org/10.1145/62212.62214

  13. Cohen, G., Damgård, I.B., Ishai, Y., Kölker, J., Miltersen, P.B., Raz, R., Rothblum, R.D.: Efficient multiparty protocols via log-depth threshold formulae. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 185–202. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_11

  14. Damgård, I., Ishai, Y.: Scalable secure multiparty computation. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 501–520. Springer, Heidelberg, August 2006. https://doi.org/10.1007/11818175_30

  15. Damgård, I., Ishai, Y., Krøigaard, M.: Perfectly secure multiparty computation and the computational overhead of cryptography. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 445–465. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_23

  16. Damgård, I., Ishai, Y., Krøigaard, M., Nielsen, J.B., Smith, A.: Scalable multiparty computation with nearly optimal work and resilience. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 241–261. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_14

  17. Damgård, I., Nielsen, J.B.: Scalable and unconditionally secure multiparty computation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 572–590. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74143-5_32

  18. Dani, V., King, V., Movahedi, M., Saia, J.: Brief announcement: breaking the O(nm) bit barrier, secure multiparty computation with a static adversary. In: ACM Symposium on Principles of Distributed Computing, PODC 2012, 16–18 July 2012, Funchal, Madeira, Portugal, pp. 227–228 (2012)

  19. Dani, V., King, V., Movahedi, M., Saia, J.: Quorums quicken queries: efficient asynchronous secure multiparty computation. In: Chatterjee, M., Cao, J., Kothapalli, K., Rajsbaum, S. (eds.) ICDCN 2014. LNCS, vol. 8314, pp. 242–256. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-45249-9_16

  20. Dani, V., King, V., Movahedi, M., Saia, J., Zamani, M.: Secure multi-party computation in large networks. Distrib. Comput. 30(3), 193–229 (2017)

  21. Feige, U.: Noncryptographic selection protocols. In: 40th FOCS, pp. 142–153. IEEE Computer Society Press, October 1999. https://doi.org/10.1109/SFFCS.1999.814586

  22. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg, August 1987. https://doi.org/10.1007/3-540-47721-7_12

  23. Garg, S., Gentry, C., Halevi, S., Raykova, M.: Two-round secure MPC from indistinguishability obfuscation. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 74–94. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54242-8_4

  24. Garg, S., Ishai, Y., Srinivasan, A.: Two-round MPC: information-theoretic and black-box. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11239, pp. 123–151. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03807-6_5

  25. Garg, S., Srinivasan, A.: Two-round multiparty secure computation from minimal assumptions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 468–499. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_16

  26. Genkin, D., Ishai, Y., Polychroniadou, A.: Efficient multi-party computation: from passive to active security via secure SIMD circuits. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 721–741. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_35

  27. Gilad, Y., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: scaling byzantine agreements for cryptocurrencies. In: Proceedings of the 26th Symposium on Operating Systems Principles, 28–31 October 2017, Shanghai, China, pp. 51–68 (2017)

  28. Goldreich, O.: The Foundations of Cryptography, vol. 2, Basic Applications. Cambridge University Press, Cambridge (2004)

  29. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A. (ed.) 19th ACM STOC, pp. 218–229. ACM Press, May 1987. https://doi.org/10.1145/28395.28420

  30. Goyal, R., Hohenberger, S., Koppula, V., Waters, B.: A generic approach to constructing and proving verifiable random functions. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10678, pp. 537–566. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70503-3_18

  31. Groth, J., Ostrovsky, R., Sahai, A.: New techniques for noninteractive zero-knowledge. J. ACM 59(3), 11:1–11:35 (2012)

  32. Halevi, S., Lindell, Y., Pinkas, B.: Secure computation on the web: computing without simultaneous interaction. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 132–150. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_8

  33. Hirt, M., Maurer, U.: Player simulation and general adversary structures in perfect multiparty computation. J. Cryptol. 13(1), 31–60 (2000)

  34. Hirt, M., Nielsen, J.B.: Robust multiparty computation with linear communication complexity. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 463–482. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_28

  35. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge proofs from secure multiparty computation. SIAM J. Comput. 39(3), 1121–1152 (2009)

  36. Ishai, Y., Kushilevitz, E., Paskin, A.: Secure multiparty computation with minimal interaction. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 577–594. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_31

  37. Micali, S., Rabin, M.O., Vadhan, S.P.: Verifiable random functions. In: 40th FOCS, pp. 120–130. IEEE Computer Society Press, October 1999. https://doi.org/10.1109/SFFCS.1999.814584

  38. Peikert, C., Shiehian, S.: Noninteractive zero knowledge for NP from (plain) learning with errors. Tech. rep., Cryptology ePrint Archive Report 2019/158 (2019). https://eprint.iacr.org/2019/158

  39. Saia, J., Zamani, M.: Recent results in scalable multi-party computation. In: SOFSEM 2015: Proceedings of the Theory and Practice of Computer Science - 41st International Conference on Current Trends in Theory and Practice of Computer Science, 24–29 January 2015, Pec pod Sněžkou, Czech Republic, pp. 24–44 (2015)

  40. Yao, A.C.C.: How to generate and exchange secrets. In: 27th Annual Symposium on Foundations of Computer Science, pp. 162–167. IEEE (1986)

  41. Zamani, M., Movahedi, M., Saia, J.: Millions of millionaires: multiparty computation in large networks. IACR Cryptol. ePrint Arch. 2014, 149 (2014). https://eprint.iacr.org/2014/149

Acknowledgments

Arka Rai Choudhuri, Aarushi Goel and Abhishek Jain are supported in part by DARPA/ARL Safeware Grant W911NF-15-C-0213, NSF CNS-1814919, NSF CAREER 1942789, Samsung Global Research Outreach award and Johns Hopkins University Catalyst award. Arka Rai Choudhuri is also supported by NSF Grants CNS-1908181, CNS-1414023, and the Office of Naval Research Grant N00014-19-1-2294. Aarushi Goel is also supported in part by NSF Grants CNS-1653110 and CNS-1801479 and the Office of Naval Research under contract N00014-19-1-2292.

Corresponding author

Correspondence to Prabhanjan Ananth.

Copyright information

© 2020 International Association for Cryptologic Research

Cite this paper

Ananth, P., Choudhuri, A.R., Goel, A., Jain, A. (2020). Towards Efficiency-Preserving Round Compression in MPC. In: Moriai, S., Wang, H. (eds) Advances in Cryptology – ASIACRYPT 2020. ASIACRYPT 2020. Lecture Notes in Computer Science, vol. 12493. Springer, Cham. https://doi.org/10.1007/978-3-030-64840-4_7

  • DOI: https://doi.org/10.1007/978-3-030-64840-4_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-64839-8

  • Online ISBN: 978-3-030-64840-4

  • eBook Packages: Computer Science (R0)