STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Completeness theorems for non-cryptographic fault-tolerant distributed computation
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Multiparty unconditionally secure protocols
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Verifiable secret sharing and multiparty protocols with honest majority
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Perfectly secure message transmission
Journal of the ACM (JACM)
Simplified VSS and fast-track multiparty computations with applications to threshold cryptography
PODC '98 Proceedings of the seventeenth annual ACM symposium on Principles of distributed computing
Communications of the ACM
Multiparty Protocols Tolerating Half Faulty Processors
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Trading Correctness for Privacy in Unconditional Multi-Party Computation (Extended Abstract)
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Efficient Secure Multi-party Computation
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Protocols for secure computations
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
A practical scheme for non-interactive verifiable secret sharing
SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
Computing inverses over a shared secret modulus
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Simplified threshold RSA with adaptive and proactive security
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
A deniable group key establishment protocol in the standard model
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Hi-index | 0.00 |
Secure multi-party computation (MPC) protocols enable a set of n mutually distrusting participants P 1 , ..., P n , each with their own private input x i , to compute a function Y = F (x 1 , ..., x n ), such that at the end of the protocol, all participants learn the correct value of Y , while secrecy of the private inputs is maintained. Classical results in the unconditionally secure MPC indicate that in the presence of an active adversary, every function can be computed if and only if the number of corrupted participants, t a , is smaller than n /3. Relaxing the requirement of perfect secrecy and utilizing broadcast channels, one can improve this bound to t a n /2. All existing MPC protocols assume that uncorrupted participants are truly honest, i.e., they are not even curious in learning other participant secret inputs. Based on this assumption, some MPC protocols are designed in such a way that after elimination of all misbehaving participants, the remaining ones learn all information in the system. This is not consistent with maintaining privacy of the participant inputs. Furthermore, an improvement of the classical results given by Fitzi, Hirt, and Maurer indicates that in addition to t a actively corrupted participants, the adversary may simultaneously corrupt some participants passively. This is in contrast to the assumption that participants who are not corrupted by an active adversary are truly honest. This paper examines the privacy of MPC protocols, and introduces the notion of an omnipresent adversary , which cannot be eliminated from the protocol. The omnipresent adversary can be either a passive, an active or a mixed one. We assume that up to a minority of participants who are not corrupted by an active adversary can be corrupted passively, with the restriction that at any time, the number of corrupted participants does not exceed a predetermined threshold. We will also show that the existence of a t-resilient protocol for a group of n participants, implies the existence of a t'-private protocol for a group of n *** participants. That is, the elimination of misbehaving participants from a t-resilient protocol leads to the decomposition of the protocol. Our adversary model stipulates that a MPC protocol never operates with a set of truly honest participants (which is a more realistic scenario). Therefore, privacy of all participants who properly follow the protocol will be maintained. We present a novel disqualification protocol to avoid a loss of privacy of participants who properly follow the protocol.