How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Robust Non-interactive Zero Knowledge
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Secure Multi-party Computation Minimizing Online Rounds
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
How many oblivious transfers are needed for secure multiparty computation?
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
i-hop homomorphic encryption and rerandomizable Yao circuits
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption
STOC '12 Proceedings of the forty-fourth annual ACM symposium on Theory of computing
Multiparty computation with low communication, computation and interaction via threshold FHE
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Canon-MPC, a system for casual non-interactive secure multi-party computation using native client
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Hi-index | 0.00 |
Secure computation enables mutually suspicious parties to compute a joint function of their private inputs while providing strong security guarantees. However, its use in practice seems limited. We argue that one of the reasons for this is that the model of computation on the web is not suited to the type of communication patterns needed for secure computation. Specifically, in most web scenarios clients independently connect to servers, interact with them and then leave. This rules out the use of secure computation protocols that require that all participants interact simultaneously. We initiate a study of secure computation in a client-server model where each client connects to the server once and interacts with it, without any other client necessarily being connected at the same time. We point out some inherent limitations in this model and present definitions that capture what can be done. We also present a general feasibility result and several truly practical protocols for a number of functions of interest. All our protocols are based on standard assumptions, and we achieve security both in the semi-honest and malicious adversary models.