On the Power of Correlated Randomness in Secure Computation

  • Yuval Ishai
  • Eyal Kushilevitz
  • Sigurd Meldgaard
  • Claudio Orlandi
  • Anat Paskin-Cherniavsky
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7785)


We investigate the extent to which correlated secret randomness can help in secure computation with no honest majority. It is known that correlated randomness can be used to evaluate any circuit of size s with perfect security against semi-honest parties or statistical security against malicious parties, where the communication complexity grows linearly with s. This leaves open two natural questions: (1) Can the communication complexity be made independent of the circuit size? (2) Is it possible to obtain perfect security against malicious parties?

We settle the above questions, obtaining both positive and negative results on unconditionally secure computation with correlated randomness. Concretely, we obtain the following results.

Minimizing communication. Any multiparty functionality can be realized, with perfect security against semi-honest parties or statistical security against malicious parties, by a protocol in which the number of bits communicated by each party is linear in its input length. Our protocol uses an exponential number of correlated random bits. We give evidence that super-polynomial randomness complexity may be inherent.

Perfect security against malicious parties. Any finite “sender-receiver” functionality, which takes inputs from a sender and a receiver and delivers an output only to the receiver, can be perfectly realized given correlated randomness. In contrast, perfect security is generally impossible for functionalities which deliver outputs to both parties. We also show useful functionalities (such as string equality) for which there are efficient perfectly secure protocols in the correlated randomness model.

Perfect correctness in the plain model. We present a general approach for transforming perfectly secure protocols for sender-receiver functionalities in the correlated randomness model into secure protocols in the plain model which offer perfect correctness against a malicious sender. This should be contrasted with the impossibility of perfectly sound zero-knowledge proofs.


Secure Protocol Secure Computation Correlate Randomness Message Authentication Code Homomorphic Encryption 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aiello, W., Ishai, Y., Reingold, O.: Priced Oblivious Transfer: How to Sell Digital Goods. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 119–135. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Beaver, D.: Efficient Multiparty Protocols Using Circuit Randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992)Google Scholar
  3. 3.
    Beaver, D.: Precomputing Oblivious Transfer. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 97–109. Springer, Heidelberg (1995)Google Scholar
  4. 4.
    Beaver, D.: Commodity-based cryptography (extended abstract). In: STOC, pp. 446–455 (1997)Google Scholar
  5. 5.
    Bellare, M., Hoang, V.T., Rogaway, P.: Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 134–153. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  6. 6.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: STOC, pp. 1–10 (1988)Google Scholar
  7. 7.
    Bendlin, R., Damgård, I., Orlandi, C., Zakarias, S.: Semi-homomorphic Encryption and Multiparty Computation. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 169–188. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  8. 8.
    Blundo, C., Masucci, B., Stinson, D.R., Wei, R.: Constructions and bounds for unconditionally secure non-interactive commitment schemes. Des. Codes Cryptography 26(1-3), 97–110 (2002)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Bogdanov, D., Talviste, R., Willemson, J.: Deploying secure multi-party computation for financial data analysis - (short paper), pp. 57–64 (2012)Google Scholar
  10. 10.
    Bogetoft, P., Christensen, D.L., Damgård, I., Geisler, M., Jakobsen, T., Krøigaard, M., Nielsen, J.D., Nielsen, J.B., Nielsen, K., Pagter, J., Schwartzbach, M., Toft, T.: Secure Multiparty Computation Goes Live. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 325–343. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: STOC, pp. 11–19 (1988)Google Scholar
  12. 12.
    Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: FOCS, pp. 41–50 (1995)Google Scholar
  13. 13.
    Damgård, I., Pastro, V., Smart, N.P., Zakarias, S.: Multiparty Computation from Somewhat Homomorphic Encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  14. 14.
    Damgård, I., Zakarias, S.: Constant-Overhead Secure Computation of Boolean Circuits Using Preprocessing. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 621–641. Springer, Heidelberg (2013)Google Scholar
  15. 15.
    Dowsley, R., van de Graaf, J., Marques, D., Nascimento, A.C.A.: A Two-Party Protocol with Trusted Initializer for Computing the Inner Product. In: Chung, Y., Yung, M. (eds.) WISA 2010. LNCS, vol. 6513, pp. 337–350. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  16. 16.
    Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Commun. ACM 28(6), 637–647 (1985)MathSciNetCrossRefzbMATHGoogle Scholar
  17. 17.
    Fitzi, M., Gisin, N., Maurer, U.M., von Rotz, O.: Unconditional Byzantine Agreement and Multi-party Computation Secure against Dishonest Minorities from Scratch. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 482–501. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  18. 18.
    Fitzi, M., Wolf, S., Wullschleger, J.: Pseudo-signatures, Broadcast, and Multi-party Computation from Correlated Randomness. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 562–578. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)Google Scholar
  20. 20.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: STOC, pp. 218–229 (1987)Google Scholar
  21. 21.
    Ishai, Y., Ostrovsky, R., Seyalioglu, H.: Identifying Cheaters without an Honest Majority. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 21–38. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  22. 22.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Founding Cryptography on Oblivious Transfer – Efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  23. 23.
    Kaplan, E., Naor, M., Reingold, O.: Derandomized constructions of k-wise (almost) independent permutations, vol. 55, pp. 113–133 (2009)Google Scholar
  24. 24.
    Kilian, J.: Founding cryptography on oblivious transfer. In: STOC, pp. 20–31 (1988)Google Scholar
  25. 25.
    Kuperberg, G., Lovett, S., Peled, R.: Probabilistic existence of rigid combinatorial structures, pp. 1091–1106 (2012)Google Scholar
  26. 26.
    Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: SODA, pp. 448–457 (2001)Google Scholar
  27. 27.
    Nielsen, J.B., Nordholt, P.S., Orlandi, C., Burra, S.S.: A New Approach to Practical Active-Secure Two-Party Computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 681–700. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  28. 28.
    Patra, A., Choudhary, A., Rangan, C.P.: Round Efficient Unconditionally Secure MPC and Multiparty Set Intersection with Optimal Resilience. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 398–417. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  29. 29.
    Pfitzmann, B., Waidner, M.: Information-theoretic pseudosignatures and byzantine agreement for t ≥ n/3. IBM Research Report RZ 2882 (#90830) (1996)Google Scholar
  30. 30.
    Rabin, M.: How to exchange secrets by oblivious transfer. Technical Report TR-81. Harvard Aiken Computation Laboratory (1981)Google Scholar
  31. 31.
    Rivest, R.: Unconditionally secure commitment and oblivious transfer schemes using private channels and a trusted initializer. Manuscript (1999)Google Scholar
  32. 32.
    Tonicelli, R., Dowsley, R., Hanaoka, G., Imai, H., Müller-Quade, J., Otsuka, A., Nascimento, A.C.A.: Information-theoretically secure oblivious polynomial evaluation in the commodity-based model. IACR Cryptology ePrint Archive, 2009: 270 (2009)Google Scholar
  33. 33.
    Winkler, S., Wullschleger, J.: On the Efficiency of Classical and Quantum Oblivious Transfer Reductions. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 707–723. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  34. 34.
    Yao, A.C.-C.: How to generate and exchange secrets, pp. 162–167 (1986)Google Scholar
  35. 35.
    Yao, A.C.-C.: Protocols for secure computations (extended abstract). In: FOCS, pp. 160–164 (1982)Google Scholar

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Yuval Ishai
    • 1
  • Eyal Kushilevitz
    • 1
  • Sigurd Meldgaard
    • 2
  • Claudio Orlandi
    • 2
  • Anat Paskin-Cherniavsky
    • 1
  1. 1.TechnionHaifaIsrael
  2. 2.Aarhus UniversityDenmark

Personalised recommendations