ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

On the Exact Round Complexity of Best-of-Both-Worlds Multi-party Computation

Patra, A and Ravi, D and Singla, S (2020) On the Exact Round Complexity of Best-of-Both-Worlds Multi-party Computation. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 7 December 2020 through 11 December 2020, Daejeon; South Korea, pp. 60-91.

[img] PDF
Lec-Not-Com-Sci-2493-0-91.pdf - Published Version
Restricted to Registered users only

Download (1MB) | Request a copy
Official URL: https://dx.doi.org/10.1007/978-3-030-64840-4_3


The two traditional streams of multiparty computation (MPC) protocols consist of� (a) protocols achieving guaranteed output delivery (god) or fairness (fn) in the honest-majority setting and (b) protocols achieving unanimous or selective abort (ua, sa) in the dishonest-majority setting. The favorable presence of honest majority amongst the participants is necessary to achieve the stronger notions of god or fn. While the constructions of each type are abound in the literature, one class of protocols does not seem to withstand the threat model of the other. For instance, the honest-majority protocols do not guarantee privacy of the inputs of the honest parties in the face of dishonest majority and likewise the dishonest-majority protocols cannot achieve god and fn, tolerating even a single corruption, let alone dishonest minority. The promise of the unconventional yet much sought-after species of MPC, termed as �Best-of-Both-Worlds� (BoBW), is to offer the best possible security depending on the actual corruption scenario. This work nearly settles the exact round complexity of two classes of BoBW protocols differing on the security achieved in the honest-majority setting, namely god and fn respectively, under the assumption of no setup (plain model), public setup (CRS) and private setup (CRS + PKI or simply PKI). The former class necessarily requires the number of parties to be strictly more than the sum of the bounds of corruptions in the honest-majority and dishonest-majority setting, for a feasible solution to exist. Demoting the goal to the second-best attainable security in the honest-majority setting, the latter class needs no such restriction. Assuming a network with pair-wise private channels and a broadcast channel, we show that 5 and 3 rounds are necessary and sufficient for the class of BoBW MPC with fn under the assumption of �no setup� and �public and private setup� respectively. For the class of BoBW MPC with god, we show necessity and sufficiency of 3 rounds for the public setup case and 2 rounds for the private setup case. In the no setup setting, we show the sufficiency of 5 rounds, while the known lower bound is 4. All our upper bounds are based on polynomial-time assumptions and assume black-box simulation. With distinct feasibility conditions, the classes differ in terms of the round requirement. The bounds are in some cases different and on a positive note at most one more, compared to the maximum of the needs of the honest-majority and dishonest-majority setting. Our results remain unaffected when security with abort and fairness are upgraded to their identifiable counterparts. © 2020, International Association for Cryptologic Research.

Item Type: Conference Paper
Publication: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publisher: Springer Science and Business Media Deutschland GmbH
Additional Information: cited By 0; Conference of 26th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2020 ; Conference Date: 7 December 2020 Through 11 December 2020; Conference Code:252839
Keywords: Crime; Cryptography; Polynomial approximation; Privacy by design, Black-box simulation; Broadcast channels; Feasibility condition; Feasible solution; Multiparty computation; Polynomial-time; Private channels; Round complexity, Complex networks
Department/Centre: Division of Electrical Sciences > Computer Science & Automation
Date Deposited: 02 Feb 2021 06:38
Last Modified: 02 Feb 2021 06:38
URI: http://eprints.iisc.ac.in/id/eprint/67549

Actions (login required)

View Item View Item