Fast Optimistically Fair Cut-and-Choose 2PC

  • Conference paper
Financial Cryptography and Data Security (FC 2016)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 9603)

Abstract

Secure two-party computation (2PC) is a well-studied problem with many real-world applications. Due to Cleve’s result on the general impossibility of fairness, however, the state-of-the-art solutions only provide security with abort. We investigate fairness for 2PC in the presence of a trusted Arbiter, in an optimistic setting where the Arbiter is not involved if the parties act fairly. Existing fair solutions in this setting are far less efficient than the fastest unfair 2PC.

We close this efficiency gap by designing protocols for fair 2PC with covert and malicious security that have competitive performance with the state-of-the-art unfair constructions. In particular, our protocols require only the exchange of a few extra messages with sizes that depend only on the output length; the Arbiter’s load is independent of the computation size; and a malicious Arbiter can only break fairness, but not covert/malicious security, even if he colludes with a party. Finally, our solutions are designed to work with the state-of-the-art optimizations applicable to garbled circuits and cut-and-choose 2PC, such as free-XOR, half-gates, and the cheating-recovery paradigm.

A. Küpçü—We thank TÜBİTAK, the Scientific and Technological Research Council of Turkey, project 111E019, and European Union COST Action IC1306.

Notes

  1. An alternative approach for reducing the number of circuits by a factor of 1.5 was introduced by [27].

  2. A different line of work focuses on achieving fairness not in general but for specific applications [3, 16, 17, 22, 25].

  3. Such timeout mechanisms are easy to implement and standard in the optimistic fair exchange literature (see e.g. [5, 43]).

References

  1. Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: Fair two-party computations via bitcoin deposits. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014. LNCS, vol. 8438, pp. 105–121. Springer, Heidelberg (2014). doi:10.1007/978-3-662-44774-1_8

  2. Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: Secure multiparty computations on Bitcoin. In: IEEE Security and Privacy (2014)

  3. Asharov, G.: Towards characterizing complete fairness in secure two-party computation. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 291–316. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54242-8_13

  4. Asharov, G., Orlandi, C.: Calling out cheaters: covert security with public verifiability. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 681–698. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34961-4_41

  5. Asokan, N., Shoup, V., Waidner, M.: Optimistic fair exchange of digital signatures. IEEE Sel. Areas Commun. 18, 591–610 (2000)

  6. Ateniese, G.: Efficient verifiable encryption (and fair exchange) of digital signatures. In: ACM CCS (1999)

  7. Aumann, Y., Lindell, Y.: Security against covert adversaries: efficient protocols for realistic adversaries. J. Cryptol. 23, 281–343 (2010)

  8. Avoine, G., Vaudenay, S.: Optimistic fair exchange based on publicly verifiable secret sharing. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 74–85. Springer, Heidelberg (2004). doi:10.1007/978-3-540-27800-9_7

  9. Bao, F., Deng, R., Mao, W.: Efficient and practical fair exchange protocols with off-line TTP. In: IEEE Security and Privacy (1998)

  10. Beimel, A., Lindell, Y., Omri, E., Orlov, I.: 1/p-Secure multiparty computation without honest majority and the best of both worlds. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 277–296. Springer, Heidelberg (2011). doi:10.1007/978-3-642-22792-9_16

  11. Beimel, A., Omri, E., Orlov, I.: Protocols for multiparty coin toss with dishonest majority. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 538–557. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_29

  12. Belenkiy, M., Chase, M., Erway, C., Jannotti, J., Küpçü, A., Lysyanskaya, A., Rachlin, E.: Making p2p accountable without losing privacy. In: WPES (2007)

  13. Bellare, M., Hoang, V.T., Rogaway, P.: Foundations of garbled circuits. In: ACM CCS (2012)

  14. Ben-Or, M., Goldreich, O., Micali, S., Rivest, R.L.: A fair protocol for signing contracts. IEEE Trans. Inf. Theor. 36, 40–46 (1990)

  15. Bentov, I., Kumaresan, R.: How to use bitcoin to design fair protocols. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 421–439. Springer, Heidelberg (2014). doi:10.1007/978-3-662-44381-1_24

  16. Boudot, F., Schoenmakers, B., Traoré, J.: A fair and efficient solution to the socialist millionaires’ problem. Discret. Appl. Math. 111(1–2), 23–36 (2001)

  17. Brandão, L.T.A.N.: Secure two-party computation with reusable bit-commitments, via a cut-and-choose with forge-and-lose technique. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 441–463. Springer, Heidelberg (2013). doi:10.1007/978-3-642-42045-0_23

  18. Cachin, C., Camenisch, J.: Optimistic fair secure computation. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 93–111. Springer, Heidelberg (2000). doi:10.1007/3-540-44598-6_6

  19. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS (2001)

  20. Cleve, R.: Limits on the security of coin flips when half the processors are faulty. In: STOC (1986)

  21. Dodis, Y., Lee, P.J., Yum, D.H.: Optimistic fair exchange in a multi-user setting. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 118–133. Springer, Heidelberg (2007). doi:10.1007/978-3-540-71677-8_9

  22. Dong, C., Chen, L., Camenisch, J., Russello, G.: Fair private set intersection with a semi-trusted arbiter. In: Wang, L., Shafiq, B. (eds.) DBSec 2013. LNCS, vol. 7964, pp. 128–144. Springer, Heidelberg (2013). doi:10.1007/978-3-642-39256-6_9

  23. Frederiksen, T.K., Jakobsen, T.P., Nielsen, J.B., Nordholt, P.S., Orlandi, C.: MiniLEGO: efficient secure two-party computation from general assumptions. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 537–556. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38348-9_32

  24. Gordon, S., Katz, J.: Partial fairness in secure two-party computation. J. Cryptol. 25(1), 14–40 (2012)

  25. Gordon, S.D., Hazay, C., Katz, J., Lindell, Y.: Complete fairness in secure two-party computation. J. ACM 58, 24 (2011)

  26. Gordon, S.D., Katz, J.: Partial fairness in secure two-party computation. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 157–176. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13190-5_8

  27. Huang, Y., Katz, J., Evans, D.: Efficient secure two-party computation using symmetric cut-and-choose. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 18–35. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40084-1_2

  28. Katz, J.: On achieving the best of both worlds in secure multiparty computation. In: STOC (2007)

  29. Katz, J., Maurer, U., Tackmann, B., Zikas, V.: Universally composable synchronous computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 477–498. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36594-2_27

  30. Kiayias, A., Zhou, H.-S., Zikas, V.: Fair and robust multi-party computation using a global transaction ledger. Cryptology ePrint Archive, Report 2015/574 (2015)

  31. Kılınç, H., Küpçü, A.: Efficiently making secure two-party computation fair. In: FC (2016)

  32. Kılınç, H., Küpçü, A.: Optimally efficient multi-party fair exchange and fair secure multi-party computation. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 330–349. Springer, Cham (2015). doi:10.1007/978-3-319-16715-2_18

  33. Kiraz, M.S., Schoenmakers, B.: An efficient protocol for fair secure two-party computation. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 88–105. Springer, Heidelberg (2008). doi:10.1007/978-3-540-79263-5_6

  34. Kiraz, M.S., Schoenmakers, B., Villegas, J.: Efficient committed oblivious transfer of bit strings. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 130–144. Springer, Heidelberg (2007). doi:10.1007/978-3-540-75496-1_9

  35. Kolesnikov, V., Mohassel, P., Rosulek, M.: FleXOR: flexible garbling for XOR gates that beats Free-XOR. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 440–457. Springer, Heidelberg (2014). doi:10.1007/978-3-662-44381-1_25

  36. Kolesnikov, V., Schneider, T.: Improved garbled circuit: free XOR gates and applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008). doi:10.1007/978-3-540-70583-3_40

  37. Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. Cryptology ePrint Archive, Report 2015/675 (2015)

  38. Küpçü, A.: Efficient cryptography for the next generation secure cloud. Ph.D. thesis, Brown University (2010)

  39. Küpçü, A.: Efficient Cryptography for the Next Generation Secure Cloud: Protocols, Proofs, and Implementation. Lambert Academic Publishing, Saarbrücken (2010)

  40. Küpçü, A.: Distributing trusted third parties. ACM SIGACT News Distrib. Comput. Column 44, 92–112 (2013)

  41. Küpçü, A., Lysyanskaya, A.: Optimistic fair exchange with multiple arbiters. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 488–507. Springer, Heidelberg (2010). doi:10.1007/978-3-642-15497-3_30

  42. Küpçü, A., Lysyanskaya, A.: Usable optimistic fair exchange. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 252–267. Springer, Heidelberg (2010). doi:10.1007/978-3-642-11925-5_18

  43. Küpçü, A., Lysyanskaya, A.: Usable optimistic fair exchange. Comput. Netw. 56, 50–63 (2012)

  44. Lindell, A.Y.: Legally-enforceable fairness in secure two-party computation. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 121–137. Springer, Heidelberg (2008). doi:10.1007/978-3-540-79263-5_8

  45. Lindell, Y.: Fast cut-and-choose based protocols for malicious and covert adversaries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 1–17. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40084-1_1

  46. Lindell, Y., Pinkas, B.: A proof of Yao's protocol for secure two-party computation. In: ECCC (2004)

  47. Lindell, Y., Pinkas, B.: An efficient protocol for secure two-party computation in the presence of malicious adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007). doi:10.1007/978-3-540-72540-4_4

  48. Lindell, Y., Pinkas, B.: Secure two-party computation via cut-and-choose oblivious transfer. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 329–346. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19571-6_20

  49. Micali, S.: Simple and fast optimistic protocols for fair electronic exchange. In: PODC (2003)

  50. Mohassel, P., Franklin, M.: Efficient polynomial operations in the shared-coefficients setting. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 44–57. Springer, Heidelberg (2006). doi:10.1007/11745853_4

  51. Mohassel, P., Franklin, M.: Efficiency tradeoffs for malicious two-party computation. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 458–473. Springer, Heidelberg (2006). doi:10.1007/11745853_30

  52. Mohassel, P., Riva, B.: Garbled circuits checking garbled circuits: more efficient and secure two-party computation. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 36–53. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40084-1_3

  53. Moran, T., Naor, M., Segev, G.: An optimally fair coin toss. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 1–18. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00457-5_1

  54. Nielsen, J.B., Nordholt, P.S., Orlandi, C., Burra, S.S.: A new approach to practical active-secure two-party computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 681–700. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32009-5_40

  55. Pinkas, B.: Fair secure two-party computation. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 87–105. Springer, Heidelberg (2003). doi:10.1007/3-540-39200-9_6

  56. Rabin, M.O.: How to exchange secrets with oblivious transfer. IACR Cryptology ePrint Archive, 2005:187 (2005)

  57. Ruan, O., Chen, J., Zhou, J., Cui, Y., Zhang, M.: An efficient fair UC-secure protocol for two-party computation. Secur. Commun. Netw. 7, 1253–1263 (2013)

  58. Ruan, O., Zhou, J., Zheng, M., Cui, G.: Efficient fair secure two-party computation. In: IEEE APSCC (2012)

  59. Shelat, A., Shen, C.: Two-output secure computation with malicious adversaries. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 386–405. Springer, Heidelberg (2011). doi:10.1007/978-3-642-20465-4_22

  60. Shelat, A., Shen, C.-H.: Fast two-party secure computation with minimal assumptions. In: ACM CCS (2013)

  61. Yao, A.C.-C.: How to generate and exchange secrets. In: FOCS (1986)

  62. Zahur, S., Rosulek, M., Evans, D.: Two halves make a whole. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 220–250. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46803-6_8

  63. Alptekin, K., Mohassel, P.: Fast optimistically fair cut-and-choose 2PC. Cryptology ePrint Archive, Report 2015/1209 (2015)

Corresponding author

Correspondence to Payman Mohassel.

Copyright information

© 2017 International Financial Cryptography Association

About this paper

Cite this paper

Küpçü, A., Mohassel, P. (2017). Fast Optimistically Fair Cut-and-Choose 2PC. In: Grossklags, J., Preneel, B. (eds) Financial Cryptography and Data Security. FC 2016. Lecture Notes in Computer Science, vol 9603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-54970-4_12

  • DOI: https://doi.org/10.1007/978-3-662-54970-4_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-54969-8

  • Online ISBN: 978-3-662-54970-4

  • eBook Packages: Computer Science, Computer Science (R0)