Must the Communication Graph of MPC Protocols be an Expander?

  • Elette Boyle
  • Ran CohenEmail author
  • Deepesh Data
  • Pavel Hubáček
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10993)


Secure multiparty computation (MPC) on incomplete communication networks has been studied within two primary models: (1) Where a partial network is fixed a priori, and thus corruptions can occur dependent on its structure, and (2) Where edges in the communication graph are determined dynamically as part of the protocol. Whereas a rich literature has succeeded in mapping out the feasibility and limitations of graph structures supporting secure computation in the fixed-graph model (including strong classical lower bounds), these bounds do not apply in the latter dynamic-graph setting, which has recently seen exciting new results, but remains relatively unexplored.

In this work, we initiate a similar foundational study of MPC within the dynamic-graph model. As a first step, we investigate the property of graph expansion. All existing protocols (implicitly or explicitly) yield communication graphs which are expanders, but it is not clear whether this is inherent. Our results consist of two types:
  • Upper bounds: We demonstrate secure protocols whose induced communication graphs are not expanders, within a wide range of settings (computational, information theoretic, with low locality, and adaptive security), each assuming some form of input-independent setup.

  • Lower bounds: In the setting without setup and adaptive corruptions, we demonstrate that for certain functionalities, no protocol can maintain a non-expanding communication graph against all adversarial strategies. Our lower bound relies only on protocol correctness (not privacy), and requires a surprisingly delicate argument.


  1. 1.
    Beaver, D., Micali, S., Rogaway, P.: The round complexity of secure protocols (extended abstract). In: STOC, pp. 503–513 (1990)Google Scholar
  2. 2.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: FOCS, pp. 1–10 (1988)Google Scholar
  3. 3.
    Boyle, E., Chung, K.-M., Pass, R.: Large-scale secure computation: multi-party computation for (parallel) RAM programs. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part II. LNCS, vol. 9216, pp. 742–762. Springer, Heidelberg (2015). Scholar
  4. 4.
    Boyle, E., Cohen, R., Data, D., Hubáček, P.: Must the communication graph of MPC protocols be an expander? Cryptology ePrint Archive, Report 2018/540 (2018).
  5. 5.
    Boyle, E., Goldwasser, S., Tessaro, S.: Communication locality in secure multi-party computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 356–376. Springer, Heidelberg (2013). Scholar
  6. 6.
    Braud-Santoni, N., Guerraoui, R., Huc, F.: Fast Byzantine agreement. In: PODC, pp. 57–64 (2013)Google Scholar
  7. 7.
    Canetti, R.: Security and composition of multiparty cryptographic protocols. JCRYPTOL 13(1), 143–202 (2000)MathSciNetzbMATHGoogle Scholar
  8. 8.
    Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS, pp. 136–145 (2001)Google Scholar
  9. 9.
    Chandran, N., Chongchitmate, W., Garay, J.A., Goldwasser, S., Ostrovsky, R., Zikas, V.: The hidden graph model: communication locality and optimal resiliency with adaptive faults. In: ITCS, pp. 153–162 (2015)Google Scholar
  10. 10.
    Chandran, N., Garay, J.A., Ostrovsky, R.: Almost-everywhere secure computation with edge corruptions. JCRYPTOL 28(4), 745–768 (2015)MathSciNetzbMATHGoogle Scholar
  11. 11.
    Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: STOC, pp. 11–19 (1988)Google Scholar
  12. 12.
    Cohen, R., Coretti, S., Garay, J.A., Zikas, V.: Round-preserving parallel composition of probabilistic-termination cryptographic protocols. In: ICALP, pp. 37:1–37:15 (2017)Google Scholar
  13. 13.
    Cohen, R., Coretti, S., Garay, J.A., Zikas, V.: Probabilistic termination and composability of cryptographic protocols. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part III. LNCS, vol. 9816, pp. 240–269. Springer, Heidelberg (2016). Scholar
  14. 14.
    Damgård, I., Ishai, Y.: Constant-round multiparty computation using a black-box pseudorandom generator. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 378–394. Springer, Heidelberg (2005). Scholar
  15. 15.
    Dani, V., King, V., Movahedi, M., Saia, J., Zamani, M.: Secure multi-party computation in large networks. Distrib. Comput. 30(3), 193–229 (2017)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Dolev, D.: The Byzantine generals strike again. J. Algorithms 3(1), 14–30 (1982)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Dolev, D., Strong, R.: Authenticated algorithms for Byzantine agreement. SICOMP 12(4), 656–666 (1983)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Dvir, Z., Wigderson, A.: Monotone expanders: constructions and applications. Theory Comput. 6(1), 291–308 (2010)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Dwork, C., Peleg, D., Pippenger, N., Upfal, E.: Fault tolerance in networks of bounded degree. SICOMP 17(5), 975–988 (1988)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Feldman, P., Micali, S.: An optimal probabilistic protocol for synchronous Byzantine agreement. SICOMP 26(4), 873–933 (1997)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Fischer, M.J., Lynch, N.A., Merritt, M.: Easy impossibility proofs for distributed consensus problems. Distrib. Comput. 1(1), 26–39 (1986)CrossRefGoogle Scholar
  22. 22.
    Garay, J.A., Moses, Y.: Fully polynomial Byzantine agreement in t+1 rounds. In: STOC, pp. 31–41 (1993)Google Scholar
  23. 23.
    Garay, J.A., Ostrovsky, R.: Almost-everywhere secure computation. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 307–323. Springer, Heidelberg (2008). Scholar
  24. 24.
    Goldreich, O.: Foundations of Cryptography - Volume 2: Basic Applications. Cambridge University Press, Cambridge (2004)CrossRefGoogle Scholar
  25. 25.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: STOC, pp. 218–229 (1987)Google Scholar
  26. 26.
    Halevi, S., Ishai, Y., Jain, A., Kushilevitz, E., Rabin, T.: Secure multiparty computation with general interaction patterns. In: ITCS, pp. 157–168 (2016)Google Scholar
  27. 27.
    Halevi, S., Lindell, Y., Pinkas, B.: Secure computation on the web: computing without simultaneous interaction. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 132–150. Springer, Heidelberg (2011). Scholar
  28. 28.
    Hoory, S., Linial, N., Wigderson, A.: Expander graphs and their applications. Bull. Am. Math. Soc. 43(4), 439–561 (2006)MathSciNetCrossRefGoogle Scholar
  29. 29.
    Kapron, B.M., Kempe, D., King, V., Saia, J., Sanwalani, V.: Fast asynchronous Byzantine agreement and leader election with full information. In: SODA, pp. 1038–1047 (2008)Google Scholar
  30. 30.
    King, V., Lonargan, S., Saia, J., Trehan, A.: Load balanced scalable Byzantine agreement through quorum building, with full information. In: Aguilera, M.K., Yu, H., Vaidya, N.H., Srinivasan, V., Choudhury, R.R. (eds.) ICDCN 2011. LNCS, vol. 6522, pp. 203–214. Springer, Heidelberg (2011). Scholar
  31. 31.
    King, V., Saia, J.: From almost everywhere to everywhere: Byzantine agreement with \(\tilde{O}(n^{3/2})\) bits. In: Keidar, I. (ed.) DISC 2009. LNCS, vol. 5805, pp. 464–478. Springer, Heidelberg (2009). Scholar
  32. 32.
    King, V., Saia, J.: Breaking the O(n\({}^{\text{2}}\)) bit barrier: scalable Byzantine agreement with an adaptive adversary. In: PODC, pp. 420–429 (2010)Google Scholar
  33. 33.
    King, V., Saia, J., Sanwalani, V., Vee, E.: Scalable leader election. In: SODA, pp. 990–999 (2006)Google Scholar
  34. 34.
    Lamport, L., Shostak, R.E., Pease, M.C.: The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4(3), 382–401 (1982)CrossRefGoogle Scholar
  35. 35.
    Pease, M.C., Shostak, R.E., Lamport, L.: Reaching agreement in the presence of faults. J. ACM 27(2), 228–234 (1980)MathSciNetCrossRefGoogle Scholar
  36. 36.
    Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority (extended abstract). In: FOCS, pp. 73–85 (1989)Google Scholar
  37. 37.
    Seito, T., Aikawa, T., Shikata, J., Matsumoto, T.: Information-theoretically secure key-insulated multireceiver authentication codes. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 148–165. Springer, Heidelberg (2010). Scholar
  38. 38.
    Shikata, J., Hanaoka, G., Zheng, Y., Imai, H.: Security notions for unconditionally secure signature schemes. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 434–449. Springer, Heidelberg (2002). Scholar

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  • Elette Boyle
    • 1
  • Ran Cohen
    • 2
    • 3
    Email author
  • Deepesh Data
    • 4
  • Pavel Hubáček
    • 5
  1. 1.IDC HerzliyaHerzliyaIsrael
  2. 2.MITCambridgeUSA
  3. 3.Northeastern UniversityBostonUSA
  4. 4.UCLALos AngelesUSA
  5. 5.Computer Science InstituteCharles UniversityPragueCzech Republic

Personalised recommendations