Proceedings ArticleDOI

Lower bounds and optimal protocols for three-party secure computation

TL;DR: New and better lower bounds on the amount of communication required between the parties to guarantee zero probability of error in the computation and achieve information-theoretic security are derived.
Abstract: The problem of three-party secure computation is considered: a function of the private inputs of two parties is to be computed by a third party, without any party learning more than its own input and output. New and better lower bounds on the amount of communication required between the parties to guarantee zero probability of error in the computation and achieve information-theoretic security are derived. Protocols are presented and proved to be optimal in some cases by showing that they achieve the improved lower bounds.
Citations
Proceedings Article
01 Jan 2018
TL;DR: This paper characterizes which aggregating functionalities (m input parties, one aggregating party that learns the output) admit multi-party computation (MPC) protocols with information-theoretic security against passive corruption, giving a necessary condition and a slightly stronger sufficient condition in terms of Commuting Permutations Systems; when the sufficient condition holds, a perfectly secure non-interactive protocol without a trusted randomness dealer is obtained.
Abstract: A fundamental problem in the theory of secure multi-party computation (MPC) is to characterize functions with more than 2 parties which admit MPC protocols with information-theoretic security against passive corruption. This question has seen little progress since the work of Chor and Ishai (2001), which demonstrated difficulties in resolving it. In this work, we make significant progress towards resolving this question in the important case of aggregating functionalities, in which m parties P1, . . . , Pm hold inputs x1, . . . , xm and an aggregating party P0 must learn f(x1, . . . , xm). We give a necessary condition and a slightly stronger sufficient condition for f to admit a secure protocol. Both the conditions are stated in terms of an algebraic structure we introduce called Commuting Permutations Systems (CPS), which may be of independent combinatorial interest. When our sufficiency condition is met, we obtain a perfectly secure protocol with minimal interaction, that fits the model of Non-Interactive MPC or NIMPC (Beimel et al., 2014), but without the need for a trusted party to generate correlated randomness. We define Unassisted Non-Interactive MPC (UNIMPC) to capture this variant. We also present an NIMPC protocol for all functionalities, which is simpler and more efficient than the one given in the prior work.
2012 ACM Subject Classification: Theory of computation → Cryptographic protocols; Theory of computation → Complexity classes; Security and privacy → Mathematical foundations of

3 citations

Book ChapterDOI
15 Dec 2019
TL;DR: This note shows that the third message in the 2-input AND protocol of Feige, Kilian and Naor (STOC 1994), the common reference string shared between Alice and Bob, is also optimal, and hence all the randomness the protocol uses is optimal. This improves on a previous result of Rajan et al. (ISIT 2016), which showed this optimality only for protocols in which Alice and Bob are deterministic.
Abstract: In an influential work aimed at understanding the communication requirements of secure computation, Feige, Kilian and Naor introduced a minimal model of secure computation (STOC 1994). In that work, among other results, Feige et al. presented a simple protocol for the 2-input AND function. It has remained an intriguing question whether the communication and randomness used in this protocol are optimal. While previous work of Data et al. (CRYPTO 2014) showed that the communication from the two parties with inputs (Alice and Bob) to the third party who gets the output is optimal, the question of optimality for the third message in the protocol – a common reference string shared between Alice and Bob – remained open. In this note we show that in fact, this message (and hence all the randomness used in the protocol) is also optimal in the protocol of Feige et al. This improves on a previous result of Rajan et al. (ISIT 2016), which showed this optimality restricted to protocols where Alice and Bob are deterministic. Further, our result holds even if only a weak secrecy condition is required of the protocol.

1 citation
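The minimal model described in the abstract above (Alice and Bob share a common reference string, each sends one message to a third party who outputs the function) is easiest to understand with a concrete protocol and a concrete security check. The Python below is an added example, not code from the note or from the Feige, Kilian and Naor paper: it implements a standard garbled-truth-table protocol for 2-input AND in this model (it is not claimed to be the exact FKN protocol, and its 2 + 2 message bits and 3-bit reference string are not claimed to match the optimal sizes proved in the cited works). `check_protocol` verifies perfect correctness and perfect privacy by exhausting all inputs and all values of the reference string and comparing the third party's view distributions; the `single_key` flag is a deliberately leaky variant, included so the check is seen to catch a real flaw.

```python
from collections import Counter
from itertools import product


def shared_randomness():
    """Every value of the common reference string (CRS): a slot-permutation
    bit r and two one-bit pad keys k0, k1, one per slot. 8 values in all."""
    return [dict(r=r, k0=k0, k1=k1) for r, k0, k1 in product((0, 1), repeat=3)]


def alice(x, crs, single_key=False):
    """Alice points Carol at slot p = x XOR r and releases the pad key for
    that slot only. single_key=True is the deliberately leaky variant: one
    key pads both slots, so releasing it also unpads the slot Carol must
    not be able to read."""
    p = x ^ crs["r"]
    key = crs["k0"] if single_key else crs["k%d" % p]
    return (p, key)


def bob(y, crs, single_key=False):
    """Bob sends the AND truth-table column for his input y: slot (b XOR r)
    holds (b AND y) XOR key_slot for b in {0, 1}, so the two candidate
    outputs are in random order and each is one-time padded."""
    table = [None, None]
    for b in (0, 1):
        slot = b ^ crs["r"]
        key = crs["k0"] if single_key else crs["k%d" % slot]
        table[slot] = (b & y) ^ key
    return tuple(table)


def carol(m_alice, m_bob):
    """Carol unpads the one slot Alice pointed at and outputs it."""
    p, key = m_alice
    return m_bob[p] ^ key


def check_protocol(single_key=False):
    """Exhaustive check over all inputs and all CRS values.
    Returns (correct, private):
      correct -- Carol outputs x AND y for every input and CRS value;
      private -- Carol's view (m_alice, m_bob) has the same distribution for
                 every input pair with the same output (the three pairs with
                 x AND y = 0), so the view reveals nothing beyond the output."""
    views = {}
    correct = True
    for x, y in product((0, 1), repeat=2):
        dist = Counter()
        for crs in shared_randomness():
            m_a, m_b = alice(x, crs, single_key), bob(y, crs, single_key)
            if carol(m_a, m_b) != (x & y):
                correct = False
            dist[(m_a, m_b)] += 1
        views[(x, y)] = dist
    private = views[(0, 0)] == views[(0, 1)] == views[(1, 0)]
    return correct, private


if __name__ == "__main__":
    print("two-key protocol:   correct=%s private=%s" % check_protocol())
    print("single-key variant: correct=%s private=%s" % check_protocol(single_key=True))
```

Because the model is so small, perfect privacy can be checked by exhaustion rather than argued: the view distribution over the 8 CRS values must be identical for (0,0), (0,1) and (1,0). In the two-key protocol Carol sees a uniform slot index, a uniform key, one padded entry that decodes to the output and one entry that stays uniformly random; in the single-key variant the second entry decodes too, which exposes Bob's input whenever Alice's is 0, and the check reports it.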

References
Journal ArticleDOI
TL;DR: It is shown that the oblivious protocol presented for modular addition requires fewer messages than the known private protocols, and is in a sense optimal, by proving a tight lower bound of ⌈n·(t+1)/2⌉ messages for any oblivious protocol that computes the sum t-privately.

75 citations

Book ChapterDOI
17 Aug 2014
TL;DR: In this work, the authors study the communication complexity of information-theoretically secure multi-party computation (MPC), a central primitive of modern cryptography about which relatively little is known in this respect.
Abstract: Information theoretically secure multi-party computation (MPC) is a central primitive of modern cryptography. However, relatively little is known about the communication complexity of this primitive.

26 citations

Book
01 Jan 2008
TL;DR: This textbook introduces rings, groups, vector spaces and modules, builds the standard number systems on top of them, and closes with further topics and applications.
Contents: 1. Introduction; 2. Rings; 3. Groups; 4. Vector spaces; 5. Modules; 6. The number systems; 7. Further topics; 8. Applications; Further reading; Index

25 citations


"Lower bounds and optimal protocols ..." cites this reference as background:

  • ...However, for the case when $Q$ is a prime power, the set of permutations $\{\alpha x + \beta : \alpha, \beta \in \mathbb{F}_Q, \alpha \neq 0\}$ forms a sharply 2-transitive permutation set, where $\mathbb{F}_Q$ is the finite field of order $Q$ [13]....
