Advertisement

A Full Characterization of Functions that Imply Fair Coin Tossing and Ramifications to Fairness

  • Gilad Asharov
  • Yehuda Lindell
  • Tal Rabin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7785)

Abstract

It is well known that it is impossible for two parties to toss a coin fairly (Cleve, STOC 1986). This result implies that it is impossible to securely compute with fairness any function that can be used to toss a fair coin. In this paper, we focus on the class of deterministic Boolean functions with finite domain, and we ask for which functions in this class is it possible to information-theoretically toss an unbiased coin, given a protocol for securely computing the function with fairness. We provide a complete characterization of the functions in this class that imply and do not imply fair coin tossing. This characterization extends our knowledge of which functions cannot be securely computed with fairness. In addition, it provides a focus as to which functions may potentially be securely computed with fairness, since a function that cannot be used to fairly toss a coin is not ruled out by the impossibility result of Cleve (which is the only known impossibility result for fairness). In addition to the above, we draw corollaries to the feasibility of achieving fairness in two possible fail-stop models.

Keywords

Probability Vector Impossibility Result Oblivious Transfer Fair Coin Honest Party 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Full version of this work. Cryptology ePrint Archive (2013)Google Scholar
  2. 2.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: 20th STOC, pp. 1–10 (1988)Google Scholar
  3. 3.
    Canetti, R.: Security and composition of multiparty cryptographic protocols. Journal of Cryptology 13(1), 143–202 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: The 20th STOC, pp. 1–10 (1988)Google Scholar
  5. 5.
    Cleve, R.: Limits on the security of coin flips when half the processors are faulty (extended abstract). In: The 18th STOC, pp. 364–369 (1986)Google Scholar
  6. 6.
    Goldreich, O.: The Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press (2004)Google Scholar
  7. 7.
    Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. JACM 38(1), 691–729 (1991)MathSciNetzbMATHGoogle Scholar
  8. 8.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: The 19th STOC, pp. 218–229 (1987)Google Scholar
  9. 9.
    Gordon, S.D., Hazay, C., Katz, J., Lindell, Y.: Complete fairness in secure two-party computation. JACM 58(6), 24 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Kilian, J.: A general completeness theorem for two-party games. In: 23rd STOC, pp. 553–560 (1991)Google Scholar
  11. 11.
    Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: The 21st STOC, pp. 73–85 (1989)Google Scholar
  12. 12.
    von Neumann, J.: Various Techniques Used in Connection with Random Digits. Journal of Research of the National Bureau of Standards 12, 36–38 (1951)Google Scholar
  13. 13.
    Yao, A.: How to generate and exchange secrets (extended abstract). In: The 27th FOCS, pp. 162–167 (1986)Google Scholar

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Gilad Asharov
    • 1
  • Yehuda Lindell
    • 1
  • Tal Rabin
    • 2
  1. 1.Department of Computer ScienceBar-Ilan UniversityIsrael
  2. 2.IBM T.J. Watson Research CenterNew YorkUSA

Personalised recommendations