
Perfect MPC over Layered Graphs

Conference paper in Advances in Cryptology – CRYPTO 2023 (CRYPTO 2023). Part of the book series: Lecture Notes in Computer Science (LNCS, volume 14081).

Abstract

The classical “BGW protocol” (Ben-Or, Goldwasser, and Wigderson, STOC 1988) shows that secure multiparty computation (MPC) among n parties can be realized with perfect full security if \(t < n/3\) parties are corrupted. This holds against malicious adversaries in the “standard” model for MPC, where a fixed set of n parties is involved in the full execution of the protocol. However, the picture is less clear in the mobile adversary setting of Ostrovsky and Yung (PODC 1991), where the adversary may periodically “move” by uncorrupting parties and corrupting a new set of t parties. In this setting, it is unclear if full security can be achieved against an adversary that is maximally mobile, i.e., moves after every round. The question is further motivated by the “You Only Speak Once” (YOSO) setting of Gentry et al. (Crypto 2021), where not only the adversary is mobile but also each round is executed by a disjoint set of parties. Previous positive results in this model do not achieve perfect security, and either assume probabilistic corruption and a nonstandard communication model, or only realize the weaker goal of security-with-abort. The question of matching the BGW result in these settings remained open.

In this work, we tackle the above two challenges simultaneously. We consider a layered MPC model, a simplified variant of the fluid MPC model of Choudhuri et al. (Crypto 2021). Layered MPC is an instance of standard MPC where the interaction pattern is defined by a layered graph of width n, allowing each party to send secret messages and broadcast messages only to parties in the next layer. We require perfect security against a malicious adversary who may corrupt at most t parties in each layer. Our main result is a perfect, fully secure layered MPC protocol with an optimal corruption threshold of \(t < n/3\), thus extending the BGW feasibility result to the layered setting. This implies perfectly secure MPC protocols against a maximally mobile adversary.

This paper is a merged version of the papers [19, 20].


Notes

  1. A term from [30] for protocols where a new set of parties executes each round.

  2. In CNF-based secret sharing, the secret is first split into \(\binom{n}{t}\) additive shares, one share \(r_T\) for each set \(T\subset [n]\) of size t, and party i receives all shares \(r_T\) such that \(i\not \in T\).

  3. The inherent issue with state complexity originates from a common misconception (see e.g. [18]) that any general arithmetic circuit can be transformed into a layered circuit with the same depth and only linear overhead in width.

  4. In the coming sections our security analysis is with respect to non-adaptive adversaries, for simplicity. In Sect. 2.2 we justify this step by appealing to the work of [10].

  5. While we can meaningfully argue that the final protocol for computing general functionalities is UC-secure, we do not treat individual components of this protocol in a UC manner. This would require a significant modelling effort of communication and synchronization for layered MPC and would be counterproductive in our effort to present layered MPC as a simple special case of secure MPC as in [8, 31].

  6. The instance of Future Messaging with honest sender in \(\mathcal {L}_0\) and honest receiver in \(\mathcal {L}_2\) is equivalent to perfect 1-way SMT.

  7. Here we refer to the primitive in the setting of layered MPC that ensures termination, validity and agreement among all parties located in some layer \(d>1\), not to Future Broadcast as defined in [28].
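The CNF-based secret sharing sketched in note 2, written out as an added worked example (this is not code from the paper). The note does not fix a field, so the example assumes shares live in the prime field Z_P for the fixed prime P below, indexes parties 0..n-1, and draws randomness from the standard library. Beyond the note's description it also shows the two properties that make the scheme usable in MPC: any coalition of at most t parties is missing at least one additive share (the share r_T for every T containing the coalition), any t+1 parties hold every share and can reconstruct, and shares can be added locally because the scheme is linear.

```python
"""CNF-based (replicated) secret sharing, as sketched in note 2.

Added worked example; this is not code from the paper.  Assumptions made
here: shares are elements of the prime field Z_P for the fixed prime P
below, parties are indexed 0..n-1, and randomness comes from `secrets`.
"""
from itertools import combinations
import secrets

P = 2**61 - 1  # assumption: any prime modulus works; this one is convenient


def cnf_share(secret, n, t, rng=secrets.randbelow):
    """Split `secret` into C(n, t) additive shares r_T, one for every
    t-subset T of [n], with sum_T r_T = secret (mod P).  Party i receives
    every r_T with i not in T.  Returns (r, views): r maps T -> r_T and
    views[i] is party i's dictionary of shares."""
    if not 0 <= t < n:
        raise ValueError("need 0 <= t < n")
    subsets = list(combinations(range(n), t))
    r = {}
    running = 0
    for T in subsets[:-1]:
        r[T] = rng(P)
        running = (running + r[T]) % P
    r[subsets[-1]] = (secret - running) % P  # last share pins the sum
    views = [{T: v for T, v in r.items() if i not in T} for i in range(n)]
    return r, views


def missing_shares(parties, n, t):
    """The t-subsets T whose share r_T nobody in `parties` holds.  r_T is
    withheld from exactly the parties in T, so it is missing iff
    parties is a subset of T.  For |parties| <= t the list is non-empty
    (privacy); for |parties| > t it is empty (reconstruction possible)."""
    coalition = set(parties)
    return [T for T in combinations(range(n), t) if coalition <= set(T)]


def cnf_reconstruct(views, parties, n, t):
    """Sum one copy of every r_T, taken from any member of `parties` that
    holds it.  Raises ValueError if some r_T is missing, i.e. when the
    coalition has t or fewer members."""
    missing = missing_shares(parties, n, t)
    if missing:
        raise ValueError(f"shares missing for T in {missing}")
    total = 0
    for T in combinations(range(n), t):
        holder = next(i for i in parties if i not in T)
        total = (total + views[holder][T]) % P
    return total


def cnf_add(views_a, views_b):
    """Local, non-interactive addition of two sharings: every r_T is added
    component-wise, so the result is a valid sharing of a + b (mod P)."""
    return [{T: (va[T] + vb[T]) % P for T in va}
            for va, vb in zip(views_a, views_b)]


if __name__ == "__main__":
    n, t = 4, 1
    _, views = cnf_share(42, n, t)
    print("shares held per party:", [len(v) for v in views])
    print("any 2 of 4 reconstruct:", cnf_reconstruct(views, [1, 3], n, t))
    print("a single party is missing:", missing_shares([2], n, t))
```

The share count grows as C(n, t), which is why CNF sharing is used for small n or as a building block rather than as a general-purpose scheme; its advantage, visible in `missing_shares`, is that the privacy argument is purely combinatorial and needs no field structure beyond addition.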

References

  1. Acharya, A., Hazay, C., Kolesnikov, V., Prabhakaran, M.: SCALES - MPC with small clients and larger ephemeral servers. In: Kiltz, E., Vaikuntanathan, V. (eds.) TCC 2022, Part II. LNCS, vol. 13748, pp. 502–531. Springer, Heidelberg (Nov 2022)

  2. Almansa, J.F., Damgård, I., Nielsen, J.B.: Simplified Threshold RSA with Adaptive and Proactive Security. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 593–611. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_35

  3. Baron, J., Defrawy, K.E., Lampkins, J., Ostrovsky, R.: Communication-Optimal Proactive Secret Sharing for Dynamic Groups. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 23–41. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-28166-7_2

  4. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: 20th ACM STOC. pp. 1–10. ACM Press (May 1988)

  5. Benhamouda, F., Gentry, C., Gorbunov, S., Halevi, S., Krawczyk, H., Lin, C., Rabin, T., Reyzin, L.: Can a Public Blockchain Keep a Secret? In: Pass, R., Pietrzak, K. (eds.) TCC 2020. LNCS, vol. 12550, pp. 260–290. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64375-1_10

  6. Blum, E., Katz, J., Liu-Zhang, C.-D., Loss, J.: Asynchronous Byzantine Agreement with Subquadratic Communication. In: Pass, R., Pietrzak, K. (eds.) TCC 2020. LNCS, vol. 12550, pp. 353–380. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64375-1_13

  7. Cachin, C., Kursawe, K., Lysyanskaya, A., Strobl, R.: Asynchronous verifiable secret sharing and proactive cryptosystems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security. pp. 88–97 (2002)

  8. Canetti, R.: Security and composition of multiparty cryptographic protocols. Journal of Cryptology 13(1), 143–202 (2000)

  9. Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: 42nd FOCS. pp. 136–145. IEEE Computer Society Press (Oct 2001)

  10. Canetti, R., Damgård, I., Dziembowski, S., Ishai, Y., Malkin, T.: Adaptive versus non-adaptive security of multi-party protocols. Journal of Cryptology 17, 153–207 (2004)

  11. Canetti, R., Herzberg, A.: Maintaining Security in the Presence of Transient Faults. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 425–438. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_38

  12. Chen, J., Micali, S.: Algorand: A secure and efficient distributed ledger. Theoretical Computer Science 777, 155–183 (2019)

  13. Choudhuri, A.R., Goel, A., Green, M., Jain, A., Kaptchuk, G.: Fluid MPC: Secure Multiparty Computation with Dynamic Participants. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12826, pp. 94–123. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84245-1_4

  14. Cramer, R., Damgård, I., Dziembowski, S., Hirt, M., Rabin, T.: Efficient Multiparty Computations Secure Against an Adaptive Adversary. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 311–326. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_22

  15. Cramer, R., Damgård, I., Maurer, U.: General Secure Multi-party Computation from any Linear Secret-Sharing Scheme. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 316–334. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_22

  16. Cramer, R., Damgård, I., Nielsen, J.B.: Secure Multiparty Computation and Secret Sharing. Cambridge University Press (2015). https://www.cambridge.org/de/academic/subjects/computer-science/cryptography-cryptology-and-coding/secure-multiparty-computation-and-secret-sharing?format=HB&isbn=9781107043053

  17. Damgård, I., Ishai, Y.: Constant-Round Multiparty Computation Using a Black-Box Pseudorandom Generator. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 378–394. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_23

  18. Damgård, I., Escudero, D., Polychroniadou, A.: Phoenix: Secure computation in an unstable network with dropouts and comebacks. Cryptology ePrint Archive, Paper 2021/1376 (2021). https://eprint.iacr.org/2021/1376

  19. David, B., Konring, A., Ishai, Y., Kushilevitz, E., Narayanan, V.: Perfect MPC over layered graphs. Cryptology ePrint Archive, Paper 2023/330 (2023). https://eprint.iacr.org/2023/330

  20. Deligios, G., Goel, A., Liu-Zhang, C.D.: Maximally-fluid MPC with guaranteed output delivery. Cryptology ePrint Archive, Paper 2023/415 (2023). https://eprint.iacr.org/2023/415

  21. Desmedt, Y., Jajodia, S.: Redistributing secret shares to new access structures and its applications. Tech. rep., Citeseer (1997)

  22. Eldefrawy, K., Lepoint, T., Leroux, A.: Communication-Efficient Proactive Secret Sharing for Dynamic Groups with Dishonest Majorities. In: Conti, M., Zhou, J., Casalicchio, E., Spognardi, A. (eds.) ACNS 2020. LNCS, vol. 12146, pp. 3–23. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-57808-4_1

  23. Feldman, P., Micali, S.: Byzantine agreement in constant expected time (and trusting no one). In: 26th FOCS. pp. 267–276. IEEE Computer Society Press (Oct 1985)

  24. Fitzi, M., Garay, J.A.: Efficient player-optimal protocols for strong and differential consensus. In: Borowsky, E., Rajsbaum, S. (eds.) 22nd ACM PODC. pp. 211–220. ACM (Jul 2003)

  25. Fitzi, M., Liu-Zhang, C.D., Loss, J.: A new way to achieve round-efficient Byzantine agreement. In: Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing. pp. 355–362 (2021)

  26. Garay, J.A.: Reaching (and maintaining) agreement in the presence of mobile faults. In: International Workshop on Distributed Algorithms. pp. 253–264. Springer (1994)

  27. Gennaro, R., Ishai, Y., Kushilevitz, E., Rabin, T.: The round complexity of verifiable secret sharing and secure multicast. In: 33rd ACM STOC. pp. 580–589. ACM Press (Jul 2001)

  28. Gentry, C., Halevi, S., Krawczyk, H., Magri, B., Nielsen, J.B., Rabin, T., Yakoubov, S.: YOSO: You Only Speak Once. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12826, pp. 64–93. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84245-1_3

  29. Ghinea, D., Goyal, V., Liu-Zhang, C.D.: Round-optimal Byzantine agreement. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part I. LNCS, vol. 13275, pp. 96–119. Springer, Heidelberg (May/Jun 2022)

  30. Gilad, Y., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: Scaling Byzantine agreements for cryptocurrencies. In: Proceedings of the 26th Symposium on Operating Systems Principles. pp. 51–68 (2017)

  31. Goldreich, O.: Foundations of Cryptography: Volume 2, Basic Applications. Cambridge University Press (2009)

  32. Goyal, V., Kothapalli, A., Masserova, E., Parno, B., Song, Y.: Storing and retrieving secrets on a blockchain. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) PKC 2022, Part I. LNCS, vol. 13177, pp. 252–282. Springer, Heidelberg (Mar 2022)

  33. Halevi, S., Ishai, Y., Jain, A., Kushilevitz, E., Rabin, T.: Secure multiparty computation with general interaction patterns. In: Sudan, M. (ed.) ITCS 2016. pp. 157–168. ACM (Jan 2016)

  34. Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: Proactive Secret Sharing Or: How to Cope With Perpetual Leakage. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 339–352. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-44750-4_27

  35. Hirt, M., Maurer, U.M.: Player simulation and general adversary structures in perfect multiparty computation. J. Cryptol. 13(1), 31–60 (2000). https://doi.org/10.1007/s001459910003

  36. Katz, J., Koo, C.-Y.: On Expected Constant-Round Protocols for Byzantine Agreement. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 445–462. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_27

  37. Kushilevitz, E., Lindell, Y., Rabin, T.: Information-theoretically secure protocols and security under composition. SIAM Journal on Computing 39(5), 2090–2112 (2010). https://doi.org/10.1137/090755886

  38. Maram, S.K.D., Zhang, F., Wang, L., Low, A., Zhang, Y., Juels, A., Song, D.: CHURP: Dynamic-committee proactive secret sharing. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019. pp. 2369–2386. ACM Press (Nov 2019)

  39. Maurer, U.: Secure multi-party computation made simple. Discrete Applied Mathematics 154(2), 370–381 (2006)

  40. Micali, S.: Very simple and efficient Byzantine agreement. In: Papadimitriou, C.H. (ed.) ITCS 2017. vol. 4266, pp. 6:1–6:1. LIPIcs, 67 (Jan 2017)

  41. Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks (extended abstract). In: Logrippo, L. (ed.) 10th ACM PODC. pp. 51–59. ACM (Aug 1991)

  42. Pass, R., Shi, E.: The Sleepy Model of Consensus. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 380–409. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_14

  43. Schultz, D., Liskov, B., Liskov, M.: MPSS: Mobile proactive secret sharing. ACM Transactions on Information and System Security (TISSEC) 13(4), 1–32 (2010)

  44. Wong, T.M., Wang, C., Wing, J.M.: Verifiable secret redistribution for archive systems. In: First International IEEE Security in Storage Workshop, 2002. Proceedings. pp. 94–105. IEEE (2002)


Acknowledgement

We thank the anonymous reviewers for helpful comments. B. David was supported by the Independent Research Fund Denmark (IRFD) grants number 9040-00399B (TrA2C), 9131-00075B (PUMA) and 0165-00079B. A. Konring was supported by IRFD (TrA2C) and by the Otto Mønsted Foundation in a joint program with Innovation Center Denmark - Israel. Y. Ishai, E. Kushilevitz, and V. Narayanan were supported by ISF grant 2774/20 and BSF grant 2018393. Y. Ishai and V. Narayanan were also supported by ERC Project NTSC (742754).

Author information

Corresponding author: Bernardo David.


Copyright information

© 2023 International Association for Cryptologic Research

About this paper


Cite this paper

David, B. et al. (2023). Perfect MPC over Layered Graphs. In: Handschuh, H., Lysyanskaya, A. (eds) Advances in Cryptology – CRYPTO 2023. CRYPTO 2023. Lecture Notes in Computer Science, vol 14081. Springer, Cham. https://doi.org/10.1007/978-3-031-38557-5_12


  • DOI: https://doi.org/10.1007/978-3-031-38557-5_12


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-38556-8

  • Online ISBN: 978-3-031-38557-5
