A randomized protocol for signing contracts
Communications of the ACM
Limits on the security of coin flips when half the processors are faulty
STOC '86 Proceedings of the eighteenth annual ACM symposium on Theory of computing
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
The round complexity of secure protocols
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
ACM Transactions on Computer Systems (TOCS)
A Fair Protocol for Signing Contracts (Extended Abstract)
Proceedings of the 12th Colloquium on Automata, Languages and Programming
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Cryptographic Computation: Secure Faut-Tolerant Protocols and the Public-Key Model
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Controlled Gradual Disclosure Schemes for Random Bits and Their Applications
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Fair Computation of General Functions in Presence of Immoral Majority
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Bounded-concurrent secure multi-party computation with a dishonest majority
STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
On achieving the "best of both worlds" in secure multiparty computation
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Complete fairness in secure two-party computation
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
How to simultaneously exchange a secret bit by flipping a symmetrically-biased coin
SFCS '83 Proceedings of the 24th Annual Symposium on Foundations of Computer Science
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Multiparty computation with faulty majority
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Complete Fairness in Multi-party Computation without an Honest Majority
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Fair secure two-party computation
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Protocols for multiparty coin toss with dishonest majority
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
On Achieving the “Best of Both Worlds” in Secure Multiparty Computation
SIAM Journal on Computing
On complete primitives for fairness
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Partial fairness in secure two-party computation
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
On combining privacy with guaranteed output delivery in secure multiparty computation
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Resource fairness and composability of cryptographic protocols
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Complete Fairness in Secure Two-Party Computation
Journal of the ACM (JACM)
Efficient secure computation with garbled circuits
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Identifying cheaters without an honest majority
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Hi-index | 0.00 |
A protocol for computing a functionality is secure if an adversary in this protocol cannot cause more harm than in an ideal computation, where parties give their inputs to a trusted party which returns the output of the functionality to all parties. In particular, in the ideal model such computation is fair - all parties get the output. Cleve (STOC 1986) proved that, in general, fairness is not possible without an honest majority. To overcome this impossibility, Gordon and Katz (Eurocrypt 2010) suggested a relaxed definition - 1/p-secure computation - which guarantees partial fairness. For two parties, they construct 1/p-secure protocols for functionalities for which the size of either their domain or their range is polynomial (in the security parameter). Gordon and Katz ask whether their results can be extended to multiparty protocols. We study 1/p-secure protocols in the multiparty setting for general functionalities. Our main result is constructions of 1/p-secure protocols that are resilient against any number of corrupt parties provided that the number of parties is constant and the size of the range of the functionality is at most polynomial (in the security parameter n). If less than 2/3 of the parties are corrupt, the size of the domain is constant, and the functionality is deterministic, then our protocols are efficient even when the number of parties is log log n. On the negative side, we show that when the number of parties is super-constant, 1/p-secure protocols are not possible when the size of the domain is polynomial. Thus, our feasibility results for 1/p-secure computation are essentially tight. We further motivate our results by constructing protocols with stronger guarantees: If in the execution of the protocol there is a majority of honest parties, then our protocols provide full security. However, if only a minority of the parties are honest, then our protocols are 1/psecure. Thus, our protocols provide the best of both worlds, where the 1/p-security is only a fall-back option if there is no honest majority.